Microsoft scores legal victory against massive botnet

By on September 9, 2010, 8:29 PM
Microsoft has dealt a fatal blow to what was once one of the world's largest botnets. Redmond and partners including Symantec, Shadowserver Foundation, the University of Washington and others set out earlier this year to tackle the Waledac botnet in an effort dubbed "Operation b49."

The group filed a legal complaint in February, prompting a temporary restraining order against 277 domain names believed to be involved with Waledac. Last week, a federal judge granted Redmond legal ownership of all but one of those domains, allowing the software giant to cripple Waledac permanently.

Systems infected by Waledac in February


At its peak, Waledac sent some 1.5 billion spam emails per day from tens of thousands of computers around the globe. As many as 90,000 systems were compromised at one point, but that number fell to 64,000 by early July and around 58,000 unique IP addresses were affected as of August 30.

Microsoft is contacting ISPs to inform customers that their machines are infected, and cleanup is well underway. More importantly, this could set a precedent for future cases, making it easier to behead other nefarious web operations.




User Comments: 15

Guest said:

It's about time Microsoft gets a break.

hellokitty[hk], I'm a TechSpot Evangelist, said:

Oh nice.

Guest said:

NO sign of Apple when it comes to Global issues...Typical

anguis said:

Apple was not affected here. Give it time. Once virus writers start to target Apple, you will see Apple start to do something about it. You don't see Sony, HP, Dell, or other manufacturers helping this one either, do you?

It would be interesting to know exactly how they shut this botnet down. The domains must have been attained through the USA or a friendly country..otherwise how could a USA federal court "grant Redmond legal ownership of all but one of those domains." What kind of ***** would use solely domains based in the USA?

mattfrompa said:

We couldn't have one article about Microsoft without bringing up/bashing Apple eh? Well we probably have, but that was still a derailment.

Leeky said:

The entire of the UK is covered in red markers... We're invisible I tell ya!

jwdR1 said:

That's great until someone at MS realizes they now have a new advertising medium!

TJGeezer said:

Article says they're notifying infected ISPs - those would be the ones hosting the newly Microsoft-owned domains, I suppose. (Feel free to correct that...) If they're notifying the domain hosting services, how would that cripple an established botnet, which can presumably be fed its spam from pretty much anywhere?

As @anguis said, it would be interesting to see some information on how this shuts down the botnet, or if it doesn't, what exactly does shut it down.

tonylukac said:

Microsoft is somewhat a hypocrite. When will they simply design windows not to have such vulnerabilities? Linux anyone?

tengeta said:

tonylukac said:

Microsoft is somewhat a hypocrite. When will they simply design windows not to have such vulnerabilities? Linux anyone?

That's a little overboard, that's like suing a car maker because your car got stolen and they didn't make the glass breakproof. Vulnerabilities exist in even Linux, and if its user base grows so will the abuse of those vulnerabilities (Ubuntu is an excellent distro to study for that effect).

lpmjames said:

tengeta is right... I use both Ubuntu and Windows.. and if the user base was comparable to that of Windows, Linux would definitely have its share of 'botnets'.. I personally think who is behind Waledac?? That's one real question which leads to why does Redmond get ownership in all but one ?? 1 ??

anguis said:

The primary reason for any system to be infected = lack of updates. You would be AMAZED to see just how many computers / servers / etc are not updated. OS updates, software updates, etc, are all necessary. Many many many people fail to keep their system up to date, and they face the consequences later when they get hacked.

otester said:

anguis said:

The primary reason for any system to be infected = lack of updates. You would be AMAZED to see just how many computers / servers / etc are not updated. OS updates, software updates, etc, are all necessary. Many many many people fail to keep their system up to date, and they face the consequences later when they get hacked.

Amen to that.

Archean, TechSpot Paladin, said:

The entire of the UK is covered in red markers... We're invisible I tell ya!

Don't worry you aren't alone in that, whole of the US is covered in RED as well, good thing we aren't living in the days of Cold War .........

Microsoft is somewhat a hypocrite. When will they simply design windows not to have such vulnerabilities? Linux anyone?

Linux isn't the safest OS out there, it has about the same (or worse security issues, Secunia) .... it is just that they are inferior target alongside apple's OS because of simple reason, lot less users, hence the economy of scales sort of keeps them safe for now.

otester said:

Archean said:

Microsoft is somewhat a hypocrite. When will they simply design windows not to have such vulnerabilities? Linux anyone?

Linux isn't the safest OS out there, it has about the same (or worse security issues, Secunia) .... it is just that they are inferior target alongside apple's OS because of simple reason, lot less users, hence the economy of scales sort of keeps them safe for now.

It's like Android, that's targeted more than Windows Mobile.
