Microsoft disrupts cybergroup known for targeting healthcare industry

Microsoft disrupted ZLoader, a criminal botnet run by a global internet-based gang that operates malware as a service designed to steal and extort money from healthcare organizations.

In an April 13 notice, Microsoft Digital Crimes Unit said it has taken legal and technical action to disrupt the cyber criminal group.

"We obtained a court order from the United States District Court for the Northern District of Georgia allowing us to take control of 65 domains that the ZLoader gang has been using to grow, control and communicate with its botnet. The domains are now directed to a Microsoft sinkhole where they can no longer be used by the botnet's criminal operators," the notice read. 

ZLoader, which is made up of computing devices in hospitals, businesses, schools and homes, used malware to conduct financial theft, steal account login IDs, passwords and other information. The group later began offering malware as a service, a delivery platform, to distribute ransomware including Ryuk. 

Ryuk is well known for targeting healthcare organizations.

With the legal action, Microsoft aims to disable ZLoader's infrastructure, making it more difficult for the group to continue its activities.

Copyright © 2024 Becker's Healthcare. All Rights Reserved.