Google subpoenaed in Microsoft Zeus botnet case

In March, Microsoft announced that it had made efforts to shut down servers in two unnamed locations that allegedly had "command and control" operations for botnets that used the Zeus, SpyEye and Ice-IX variants of the Zeus malware family. Now it appears that Microsoft is going after a number of people suspected of running the botnets via email records. In order to accomplish this, Microsoft is apparently sending legal notices to email providers, including Google.

The Krebs on Security website reports, via unnamed sources, that a message sent to one Google account holder involved in the botnet case stated:

Google has received a subpoena for information related to your Google account in a case entitled Microsoft Corp., FS-ISAC, Inc. and NACHA v. John Does 1-39 et al., US District Court, Northern District of California, 1:12-cv-01335 (SJ-RLM) (Internal Ref. No. 224623).

To comply with the law, unless you provide us with a copy of a motion to quash the subpoena (or other formal objection filed in court) via email at google-legal-support@google.com by 5pm Pacific Time on May 22, 2012, Google may provide responsive documents on this date.

The story also claims that a number of security groups have been critical of Microsoft's actions to stop botnets such as the Zeus variant, claiming that the company is not working enough with other security companies or law enforcement authorities on these kinds of operations. Marcia Hofmann, an attorney with the Electronic Frontier Foundation, states:

I suspect this is a situation where Microsoft feels law enforcement isn’t moving quickly enough. But it also basically compromises law enforcement’s ability to do anything about the problem, and makes it possible for the suspects to evade any sort of law enforcement action.

Report a problem with article
Previous Story

Windows RT predicted to grow slowly in tablet market

Next Story

Apple, Samsung claim 99 percent of smartphone profits

9 Comments

Commenting is disabled on this article.

Damn it.. if it was Hotmail Microsoft didn't even have to send a notice. they could have taken it right away. The whole botnet operation would stop a lot faster.

still1 said,
Damn it.. if it was Hotmail Microsoft didn't even have to send a notice. they could have taken it right away. The whole botnet operation would stop a lot faster.


No

HawkMan said,


No

why No? Google can do an objection as stated below but if it was MS Hotmail they propably wouldn't be an objection making the process faster for MS.

"To comply with the law, unless you provide us with a copy of a motion to quash the subpoena (or other formal objection filed in court) via email at google-legal-support@google.com by 5pm Pacific Time on May 22, 2012, Google may provide responsive documents on this date."

why No? Google can do an objection as stated below but if it was MS Hotmail they propably wouldn't be an objection making the process faster for MS.

It wasn't Google doing the objection. Those emails were sent to gmail account holders basically telling them unless they had a legally filed objection to the subpoena, Google will have to hand over their account information to Microsoft:

The Krebs on Security website reports, via unnamed sources, that a message sent to one Google account holder involved in the botnet case stated:

If it was a hotmail account, MS would still have to get a subpoena to access their accounts and those account holders can still file objections.

still1 said,

why No? Google can do an objection as stated below but if it was MS Hotmail they propably wouldn't be an objection making the process faster for MS.

"To comply with the law, unless you provide us with a copy of a motion to quash the subpoena (or other formal objection filed in court) via email at google-legal-support@google.com by 5pm Pacific Time on May 22, 2012, Google may provide responsive documents on this date."


That mail was sent to a gmail user account, notifying them that ipunless they where objecting, google would comply. Ms would still have to inform the user and give them the chance to object.

So, still, no.

still1 said,
Damn it.. if it was Hotmail Microsoft didn't even have to send a notice. they could have taken it right away. The whole botnet operation would stop a lot faster.

Ladies and Gentlemen, this is what a Google fanboy failing to preach looks like.

funkydude said,

Ladies and Gentlemen, this is what a Google fanboy failing to preach looks like.


here is one who has a history of smb