The ZeroAccess botnet, aka Sirefet, is back in action after six months of silence. The botnet is actually two peer-to-peer botnets that manipulate search engines and web browsers. In December 2013, Microsoft, Europol, and the FBI teamed up to disrupt ZeroAccess. Researchers say the ZeroAccess administrators did not attempt to expand the botnet after the big disruption. Instead of 2 million nodes, ZeroAccess now only has 55,000. The bulk of them are in Japan, India, and Russia.”]
Source: https://www.darkreading.com/attacks-breaches/zeroaccess-click-fraud-botnet-back-in-action-again