Symantec Takes Down 500k Bitcoin Botnets


Symantec documented ZeroAccess, one of the largest bitcoin mining botnet in the world with more than 1.9 million bots. The peer-to-peer botnet was committed to Bitcoin mining and generating fake click on ads.

The botnet causes massive energy costs and making millions of dollars annually for the operator. The botnet was making just $2165 worth of bitcoins a day. According to the analysis, ZeroAccess botnet was also generating millions of $ annually using click fraud.

Major revenue for ZeroAccess botnet comes from click fraud. As per company analysis, botnet was able to generate around 42 false ad clicks an hour (1008 each day). While each click may pay a penny or even a fraction of a penny, across 1.9 million infected machines, the attacker is potentially generating tens of millions of dollars a year.

Symantec also posted a nice infographic to understand the impact of ZeroAccess botnet, check out the infographic right after the break.


ZeroAccess botnet is based on a peer-to-peer (P2P) command-and-control (C&C) communications architecture, which gives the botnet a high degree of availability and redundancy. Botnet was discovered earlier this March and Symantec team was continuously trying to defeat the botnet. On July 16, team found a loophole in he mechanism which resulted in the detachment of over half a million bots and made a serious dent to the number of bots controlled by the botmaster. Now Symantec is working with ISPs and CERTs worldwide to share their study and help them to get infected computers cleaned.


Leave a Reply

Your email address will not be published. Required fields are marked *