Media Coverage

Shadowserver in the news

U.S. Leads Multi-National Action Against GameOver Zeus Botnet and Cryptolocker Ransomware, Charges Botnet Administrator

FBI, June 2, 2014

WASHINGTON, D.C.—The Justice Department today announced a multi-national effort to disrupt the GameOver Zeus botnet—a global network of infected victim computers used by cyber criminals to steal millions of dollars from businesses and consumers—and unsealed criminal charges in Pittsburgh, Pennsylvania, and Omaha, Nebraska, against an administrator of the botnet. In a separate action, U.S. and foreign law enforcement officials worked together to seize computer servers central to the malicious software, or malware, known as Cryptolocker, a form of ransomware that encrypts the files on victims’ computers until they pay a ransom

FBI, European Authorities Go After GameOver Zeus Botnet

ThreatPost, June 2, 2014

Law enforcement agencies in Europe and the United States, including Europol and the FBI, ran a coordinated takedown of the  GameOver Zeus botnet on Friday, seizing servers and disrupting the botnet’s operation.

ShadowServer handed ACMA's spam intel database

ITNews, December 18, 2013

Businesses could get better intelligence on the spam and phishing campaigns targeting their customers after the government communications watchdog provided spam-fighting organisation ShadowServer access to its Spam Intelligence Database.

Reports: Liberty Reserve Founder Arrested, Site Shuttered

Brian Krebs, May 25, 2013

The founder of Liberty Reserve, a digital currency that has evolved as perhaps the most popular form of payment in the cybercrime underground, was reportedly arrested in Spain this week on suspicion of money laundering. News of the law enforcement action may help explain an ongoing three-day outage at On Friday, the domain registration records for that site and for several other digital currency exchanges began pointing to, a volunteer organization dedicated to combating global computer crime.

Chinese Nitol botnet host back up after Microsoft settles lawsuit

The Register, October 4, 2012

Microsoft has reached a settlement with the Chinese site linked to the Nitol DDoS botnet. The emerging Nitol botnet was hosted by the domain. In order to stem the threat, Microsoft filed a suit to take control of the 70,000 malicious subdomains hosted on, gaining control of the domain in mid September.

Virgin Media to warn malware-infected customers

The Register, August 16, 2010

Virgin Media subscribers whose computers are part of a botnet can expect a letter warning them to tighten up their security, under a new initiative based on data collected by independent malware trackers. The UK’s third-largest ISP will match lists of compromised IP addresses collected by the Shadowserver Foundation, among others, to its customer records.

The Enemy Within

The Atlantic, June 15, 2010

When the Conficker computer “worm” was unleashed on the world in November 2008, cyber-security experts didn’t know what to make of it. It infiltrated millions of computers around the globe. It constantly checks in with its unknown creators. It uses an encryption code so sophisticated that only a very few people could have deployed it. For the first time ever, the cyber-security elites of the world have joined forces in a high-tech game of cops and robbers, trying to find Conficker’s creators and defeat them. The cops are failing. And now the worm lies there, waiting …

Shadowserver Foundation: Unsung heroes in the botnet wars

Tech Republic, April 19, 2010

There is a group of security professionals that volunteer their time — lots of time — to rid the Internet of cybercrime. Discover how they are making a difference.

Shadows In The Cloud

Forbes, April 6, 2010

Today the IWM and the Shadowserver Foundation have released a report “Shadows in the Cloud: An investigation into cyber espionage 2.0” (mirror) in which we document another targeted malware network. (NYT coverage here).

Microsoft Recruited Top Notch Guns for Waledac Takedown

PC World, February 25, 2010

Four days ago, top-notch computer security researchers launched an assault on Waledac, a highly sophisticated botnet responsible for spreading spam and malicious software. As of Thursday, more than 60,000 PCs worldwide that have been infected with malicious code are now under the control of researchers, marking the effort one of the most highly successful coordinated against organized cybercrime.