
Symantec grapples with one of the largest botnets in history

Mar 26, 2010
9,231 (2.22/day)
Jakarta, Indonesia

Symantec is going toe to toe with ZeroAccess, one of the largest known botnets in existence today. On any given day, ZeroAccess has upwards of 1.9 million computers at its disposal... or at least, it did. The team has been working on a method called a sinkhole to take down the botnet since March but a report published by security researchers in May discussing the weakness likely prompted the ZeroAccess botmaster to upgrade the botnet to prevent the sinkhole.

As such, a new version of the botnet surfaced that patched the flaw which made it vulnerable to being sinkholed. With a viable plan in place, Symantec moved ahead with the plan and began to sinkhole non-updated ZeroAccess infections on July 16. The operation resulted in the detachment of over half a million bots and made a serious dent in the number of bots controlled by the botmaster.

To understand the impact of the sinkhole, Symantec suggests users need to understand exactly what the botnet is used for.

Unlike other botnets, ZeroAccess appears to be designed primarily to deliver payloads to infected machines. Those payloads are what cause the problems and with ZeroAccess, it boils down to two types that are both aimed at generating revenue: click fraud and Bitcoin mining.

In laboratory testing, Symantec found that each bot generated roughly 42 false ad clicks per hour which could potentially earn the botmaster tens of millions of dollars in revenue per year. A single computer mining Bitcoin is likely to earn less than $1 per year but if you have 1.9 million machines at your disposal, the equation changes.

The job isn’t finished, Symantec warned, but they’ve put a pretty heavy dent in the botnet. They are now working with ISPs and CERTs across the globe to share information and help clean infected machines.

Apr 19, 2012
12,062 (3.55/day)
Gypsyland, UK
I don't think the botmaster cares. All those millions $$$ generated.


Jun 23, 2007
17,248 (3.34/day)
I don't think the botmaster cares. All those millions $$$ generated.

No, probably not, but it's something that should be added to A/Vs, and I know I don't want the crap on my system.

Just a shame Symantec are the ones that are doing it, as their software might be free to me (Comcast user) but it's never done what I wanted or needed.

Maybe this will encourage others to follow as well now.
Jul 14, 2006
2,329 (0.42/day)
People's Republic of America
Or, one could pay attention to what one's PC is doing; i.e. monitor Internet connections and applications.

Sysinternals has all the tools one needs.
Oct 4, 2007
2,450 (0.48/day)
dammit they're onto me!!! :p