Microsoft released the identities of two alleged members of the Zeus botnet crime ring, which used an estimated 13 million computers infected with the malware to steal more than $100 million.
The botnet operators used the software to show fake or modified Web sites when victims tried to use real banking sites, log their keystrokes to capture victims' identity information, and then use that information to steal money from victims' accounts.
The software giant announced today it had amended a complaint last week to add Yevhen Kulibaba and Yuriy Konovalenko as defendants. The pair is already serving time in the U.K. for other Zeus-related convictions, Microsoft said.
"Our best efforts to identify the remaining John Doe defendants turned up no response," Richard Domingues Boscovich, senior attorney with Microsoft's digital crimes unit, said in a company blog post. "We will continue our efforts to serve defendants Kulibaba and Konovalenko, and the John Doe defendants, with this amended complaint."
Boscovich also noted that since simultaneous raids in March, Zeus botnet infections had declined by about 50 percent. Microsoft and financial services organizations, with an escort of U.S. Marshals, seized command-and-control servers during raids in Scranton, Pa., and Lombard, Ill.
"These successful results represent a significant advancement for the people that Microsoft, the financial industry and law enforcement are all focused on protecting as customers and citizens," Boscovich said.
Over the past three years, Microsoft used court orders to seize command-and-control servers, which run networks of infected machines called botnets, to cripple the operations of the Waledac, Rustock, and Kelihos botets.
The takedown of the Rustock botnet cut the volume of spam across the world by one-third, Symantec reported in March 2011. At its peak, the notorious botnet was responsible for sending out 44 billion spam messages per day, or more than 47 percent of the world's total output, making it the leading purveyor of spam.