Microsoft leads Botnet Task Force in taking down the Waledac botnet

February 27, 2010

The very Hollywood-sounding Botnet Task Force, ably led by Microsoft, has dealt a serious blow to the people behind the Waledac botnet. But it did require assistance from the U.S. District Court of Eastern Virginia to do so.

Spam is still a huge problem for computer users around the world. Although much of it is handled with ease by modern email programs, and most of us are more attuned to spotting the stuff that does get through, many thousands of people fall for the unsolicited messages every day. Which means there is a lot of money in it for the people sending the spam out.

Should their ability to send out spam be compromised then their business is, in effect, closed. Which is the intention of the Botnet Task Force, comprising Microsoft’s Digital Crimes Unit, Symantec, International Secure Systems Lab, The Shadowserver Foundation, and a number of universities.

The Botnet Task Force’s ‘Operation b49’ involved trying to cripple the W32.Waledac botnet, which first reared its ugly head in April 2008. By December of that year, variants of the Waledac botnet were infecting computers around the world and turning them into spambots. Somewhere between 30,000 and 90,000 Windows PCs are thought to now be compromised and sending out up to 1.5 billion spam emails every day.

After months of investigating and tracking the botnet, Microsoft and its partners have now scored a huge victory. They managed this by filing a legal injunction against the unidentified herders behind the botnet. On Feb. 22, the U.S. District Court of Eastern Virginia issued a restraining order severing 227 .com domains, managed by Verisign. This should stop the bots from receiving instructions to send out spam, effectively cutting off the spammers at source.

The majority of the blocked domains are registered in China, but one belongs to Stephen Paluck of Oregon in the United States. He told the Wall Street Journal, “I want it back, I’m not doing anything illegal.” He, along with the owners of the other disabled domains, has until March 8 to come forward and reclaim their .com.

While this is a big victory for Microsoft and the rest of the Botnet Task Force, it doesn’t solve the problem entirely. Those computers are still infected and the owners are likely completely oblivious to the fact. And unless that is resolved then there’s always the possibility of Waledac living on.
