What Zloader is: a botnet used to commit financial theft

  • May 2, 2022

Microsoft Malware Lab

Zloader is a malicious program that spreads through compromised websites; users can also be infected through malicious email or advertising. The purpose of this malware is to steal banking credentials as well as other sensitive user information.

Although Zloader started as a banking Trojan, it came to spread various types of malware, including ransomware, which encrypts files, documents and other items stored on the infected computer and makes them inaccessible.

To maximize its reach, Zloader is distributed through botnets, i.e. networks of infected computers that go on to infect new computers, so the infected network keeps growing.

Now Microsoft has announced that, through its Digital Crimes Unit (DCU), it has taken legal and technical steps to disrupt the Zloader botnet.

This botnet consists of computing devices in businesses, hospitals, schools and homes around the world. It is run by a global Internet-based organized crime gang that operates malware as a service designed to steal and extort money.

Thanks to a court order, the company has managed to redirect the botnet's domains to a Microsoft sinkhole, where they can no longer be used by the criminal botnet operators.

Malware spread through network of infected computers (Photo: 20 minutes)

Zloader contains a domain generation algorithm (DGA) built into the malware that creates additional domains as a fallback or backup communication channel for the botnet. In addition to the hardcoded domains, the court order allows the seizure of 319 currently registered DGA domains, and work is already underway to block future registration of DGA domains.

The investigation identified one of the culprits behind the creation of the component used to distribute ransomware on the Zloader botnet: Denis Malikov, from Simferopol on the Crimean peninsula.

The company said it chose to name the person involved in the case to make clear that cybercriminals will not be allowed to hide behind the anonymity of the internet to commit their crimes.

Initially, Zloader's main purpose was financial theft: stealing login IDs, passwords and other information in order to take money from people's accounts.

Zloader also contains a component that disables popular antivirus and security software to prevent victims from detecting the Zloader infection.

Over time, those behind this botnet began offering malware as a service, a platform for distributing ransomware, including Ryuk, which is known for targeting healthcare providers.

In the investigation that made the takedown possible, Microsoft worked with ESET, Black Lotus Labs (Lumen's threat intelligence division) and Palo Alto Networks' Unit 42.

The malware was originally used to steal banking credentials

Microsoft also received additional data and information to strengthen the legal case from its partners the Financial Services Information Sharing and Analysis Center (FS-ISAC) and the Health Information Sharing and Analysis Center (H-ISAC), and had the support of Avast in Europe.

Security measures

This malware was distributed through advertisements or messages on web pages claiming that an update needed to be downloaded, and the download contained malicious code. Always make sure you are on the official page of a given site before downloading any files, apps or updates.

Keeping all devices updated is very important, since updates contain security patches. It is also important to be aware of cybercriminals' attack methods to prevent them from gaining access to networks, and to take the precautions recommended by security experts.

Source: Infobae
