The operation saw Microsoft’s digital crimes unit accompanied by those of Symantech and US federal marshals raid a number of data centers in Weekhawken, Mannas Virginia and New Jersey.
According to the two companies, bringing down a cybercrime operation called the Bamital botnet was necessary as the scheme is said to have hijacked search results and charged businesses fraudulently for online advertisements, accruing over $1million in profits.
It is alleged that Bamital redirected results from search engines Google, Yahoo! and Microsoft’s Bing to the authors of the malware site, enabling the fraudsters to channel money from advertisers who pay websites commissions when users click on ads.
The 18 criminals, who are said to be from the US, Russia, Romania and Australia, registered websites and rented servers under fictitious names and earned large sums of money by forcing infected PCs without the knowledge of their owners, thus generating ad clicks.
Symantec researcher Vikram Thakur says it is believed the malware may have originated from Russia or Ukraine.
He termed the operation as just successful in stopping a small click of criminals in a ring where thousands of such groups still exist and continue generating tens of millions of dollars each year.