Lombard company caught up in cyber mafia case

Lombard company cooperates in hunt for malware source

A Lombard data center executive said Tuesday his company cooperated in a raid by Microsoft Corp. and the U.S. Marshals Service seeking evidence on a so-called cyber mafia that has stolen more than $100 million via computers over the past five years.

Lombard-based Continuum Data Centers, on the 800 block of Oak Creek Drive, as well as BurstNet in Scranton, Pa., were both raided Friday because the Web hosting companies “contained valuable data and virtual evidence related to the Zeus botnet,” Richard Boscovich, senior attorney for Microsoft's Digital Crimes Unit, said through a spokeswoman.

The Zeus malware program could help cyber criminals steal users' bank account information, according to Microsoft, which has operations in Chicago and Downers Grove.

Boscovich declined further comment but said the investigation is ongoing and investigators now are analyzing the evidence. A hearing is scheduled for Thursday in the U.S. District Court for the Eastern District of New York.

This is the second time Microsoft has conducted physical seizures in a botnet operation and worked in collaboration with the financial services industry in a move against one of the “most notorious cybercrime operations that fuel online fraud and identity theft,” Microsoft said in a statement.

The Zeus malware is typically installed on PCs of unwitting users who click on phishing links or attachments in spam emails. Zeus can monitor a victim's online activity and log every keystroke typed, which makes identity theft or fraudulent purchases even easier, Microsoft said.

Continuum Data Centers, a provider of secure colocation and data services for a range of customers, said it was a customer of one of Continuum's web hosting customers that had Zeus uploaded to the server.

“The Zeus bot was maliciously uploaded, but my customer was unaware that took place,” Managing Partner Tom Chaffin said.

Chaffin said access for the customer in question had already been suspended earlier in the year, but their archived data is what was made available to Microsoft and the U.S. Marshals.

Chaffin said his company was alerted early Friday of the raid and cooperated fully with the process.

Chaffin said none of the company's other customers were affected by the Zeus bot or the raid and that the company won't be involved in the case moving forward.

“Our involvement was only to facilitate the access for Microsoft and the government to help take down the botnets,” he said.

Microsoft filed a civil suit against the crime ring on March 19 with other co-defendants and was issued a warrant to seize the servers March 23.

Since 2007, Microsoft has detected approximately 3 million computers infected with Zeus malware in the United States and more than 13 million worldwide, according to the company's website.

“As crimes against banks and their customers move from stickups to mouse clicks, we're also using our own mouse clicks — as well as the law — to help protect consumers and businesses,” said Greg Garcia, a spokesman for the three major financial industry associations that worked with Microsoft on this initiative. “Disrupting the Zeus botnets is just one strike in our long-term commitment to help defend and protect people.”