Symantec uses vulnerability to take out part of the ZeroAccess botnet
Symantec has announced that it has successfully taken down a significant part of the ZeroAccess botnet by exploiting a weakness discovered in the botnet's code.
The ZeroAccess botnet has existed in one form or another since 2010. Last September, security vendor Sophos reported that the executable for ZeroAccess had been downloaded approximately 9 million times, and Kindsight, a network-based security and analytics vendor, reported that 2.2 million home networks were infected by the botnet as of Q3 2012.
ZeroAccess spreads via exploit kits, usually after victims have followed a link in email or downloaded pirated software or Warez (key generators or software cracks). The botnet is a virtual money machine, as the primary focus is Bitcoin mining and click-fraud. The rapid spread of the botnet is due largely to the fact that its operator's PPI (Pay-Per-Install) program pays handsomely.