The botnet hit as many as 1.9 million infected "zombie" PCs. Unlike other botnets that have been dismantled by targeting centralized command and control services, ZeroAccess uses a decentralized system where groups of infected computers communication new instructions from the operators of the networks.
Those unlucky enough to be part of the botnet likely have their computer used to mine BitCoins and carry out click fraud.
Symantec managed to cut off a huge chunk of zombie PCs from the botnet by poisoning the communications between infected computers. It started its operation when it noticed an updated ZeroAccess malware was going through the network which would make it much more difficult to disrupt communications.
ISPs have been informed about computers that have been axed from the botnet by Symantec, so that their customers can be told they are running infected machines.
Written by: James Delahunty @ 2 Oct 2013 21:06
