Microsoft Digital Crimes Unit Seizes Servers In PA and IL

On Friday, Microsoft seized web servers in Pennsylvania and Indiana under a civil action authorized by the U.S. District Court for the Eastern District of New York.

Two financial industry associations — the Financial Services Information Sharing and Analysis Center and the National Automated Clearing House Association — were part of the civil action.

According to the NY Times, it was Microsoft personnel who “gathered evidence and deactivated Web servers ostensibly used by criminals.”

Microsoft’s involvement in what had been considered largely a law enforcement function — fighting computer crime — is the brainchild of Richard Boscovich, a former federal prosecutor who is a senior lawyer in Microsoft’s digital crimes unit. That group watches over fraud that could affect the company’s products and reputation.

Mr. Boscovich, who handled drug, computer and financial crime cases in Miami in his former job, devised a novel legal strategy to underpin the growing number of Microsoft’s civil suits against bot-herders. Among other things, he argued that the culprits behind botnets were violating Microsoft’s trademarks through fake e-mails they used to spread their malicious software.

Mr. Boscovich said the Friday sweep was meant to send a message to the criminals behind the scheme, whose identities are unknown. “We’re letting them know we’re looking at them,” said Mr. Boscovich after participating in the Pennsylvania raid, in Scranton.

Microsoft then filed a civil suit on March 19 under RICO, the Racketeer Influenced and Corrupt Organizations Act. It received the warrant to seize the servers on March 23. According to CNN, “That four-day turnaround is virtually unprecedented in the fight against cybercrime.”

The Scranton Times-Tribune reports that the PA hosting company, Burst.net, “has not been implicated in the botnet scheme, nor was it aware of it.” The company has nothing about the raid on its news page, but it has announced hosting with Linux servers.

The other target, Continuum Data Centers, is just outside of Chicago.

At the heart of the financial crime is a botnet known as Zeus. Read the legal notice.

I don’t know what to think about this. It feels … extra-legal (which is another way to say “it feels wrong”).

If I file a civil suit against you for something, I don’t get to go into your house and look for and then seize alleged evidence of said something!

Microsoft complaint against Zeus botnet operators

         

5 Comments

  1. Ok let me get this straight. Microsoft has a digital crimes unit and they are empowered to seize servers and property? Don’t get me wrong, I’m glad someone is kicking down doors at spammers’ offices, but something about that seems a little weird to me at the same time.

  2. Don’t use Microsoft’s OS and you don’t have to worry about Zeus. Use Linux or Mac OS and Zeus isn’t a problem. I wonder how much of the Burst.net servers run on Linux?

  3. There is an interesting parallel where private parties serve in a quasi-legal position: the ASPCA and the Humane Society. Where there are no police agencies tasked for the job, they investigate, document, give testimony in court, seize property, etc. All these actions are done with court approval and orders when necessary. Many States also have full police forces owned and run by private companies, railroad police.

  4. @EEllis – I think it’s a little odd to compare action to protect pets with action to deprive businesses of property.

    And as a friend who is an IT security person noted over on FB …. Microsoft pursuing spammers who exploit security holes is kinda like the pot calling the kettle black. MSFT software, as a general statement, is vulnerable/insecure.
