Microsoft employees raided some offices in Pennsylvania and Illinois that housed some serious web crime. They were assisted by U.S. marshals, by the way. Interesting how involved Microsoft got in the war against web crime. Hit the jump for the full story.




Shotta Dru on Google+

Microsoft employees, accompanied by United States marshals, raided two nondescript office buildings in Pennsylvania and Illinois on Friday, aiming to disrupt one of the most pernicious forms of online crime today — botnets, or groups of computers that help harvest bank account passwords and other personal information from millions of other computers.

With a warrant in hand from a federal judge authorizing the sweep, the Microsoft lawyers and technical personnel gathered evidence and deactivated Web servers ostensibly used by criminals in a scheme to infect computers and steal personal data. At the same time, Microsoft seized control of hundreds of Web addresses that it says were used as part of the same scheme.

The sweep was part of a civil suit brought by Microsoft in its increasingly aggressive campaign to take the lead in combating such crimes, rather than waiting for law enforcement agencies to act. The company’s targets were equipment used to control the botnets, which criminals, known as bot-herders, use for ill intent.

Microsoft has a big interest in making the Internet a safer place. Despite inroads made by Apple and others in some parts of the technology business, Microsoft’s Windows operating system still runs the vast majority of the computers connected to the Internet. The prevalence of its software has made Windows the most appealing target for online criminals, and the security holes they discover in the software are a persistent nuisance for Windows users.

Microsoft’s involvement in what had been considered largely a law enforcement function — fighting computer crime — is the brainchild of Richard Boscovich, a former federal prosecutor who is a senior lawyer in Microsoft’s digital crimes unit. That group watches over fraud that could affect the company’s products and reputation.

Mr. Boscovich, who handled drug, computer and financial crime cases in Miami in his former job, devised a novel legal strategy to underpin the growing number of Microsoft’s civil suits against bot-herders. Among other things, he argued that the culprits behind botnets were violating Microsoft’s trademarks through fake e-mails they used to spread their malicious software.

Mr. Boscovich said the Friday sweep was meant to send a message to the criminals behind the scheme, whose identities are unknown. “We’re letting them know we’re looking at them,” said Mr. Boscovich after participating in the Pennsylvania raid, in Scranton.

Before Friday’s sweep, Microsoft attacked three botnets in the last couple of years through civil suits. In each case, Microsoft obtained court orders that permitted it to seize Web addresses and computers associated with the botnets without first notifying the owners of the property. The secrecy was necessary, Microsoft argued, to prevent criminals from re-establishing new communications links to their infected computers.

Some security experts said Microsoft’s tactics had been effective, even if they had not eradicated the scourge of botnets.

“Taking the disruption into the courthouse was a brilliant idea and is helping the rest of the industry to reconsider what actions are possible, and that action is needed and can succeed,” said Richard Perlotto, director at the Shadowserver Foundation, a nonprofit group that tracks data about tools used for online fraud and forms of computer crime.

Mr. Perlotto and Microsoft said they did not see civil legal action against people who commit online crime as a replacement for law enforcement action, which can result in much stiffer criminal penalties. “We equate this to a neighborhood watch,” Mr. Boscovich said.

Jose Nazario, a senior security researcher at Arbor Networks, an Internet security firm, said that Microsoft’s record against botnets had been a “mixed bag” and that some of its gains were only temporary. After an earlier action against a botnet known as Waledac, for example, the software behind it was modified slightly to create a new botnet.

“You can take out a botnet, but unless you take down the coders and put the clients behind bars, they’re just going to go ahead and do this again,” Mr. Nazario said.