Microsoft scores legal victory against massive botnet

Matthew DeCarlo


Microsoft has dealt a fatal blow to what was once one of the world's largest botnets. Redmond and partners including Symantec, Shadowserver Foundation, the University of Washington and others set out earlier this year to tackle the Waledac botnet in an effort dubbed "Operation b49."

The group filed a legal complaint in February, prompting a temporary restraining order against 277 domain names believed to be involved with Waledac. Last week, a federal judge granted Redmond legal ownership of all but one of those domains, allowing the software giant to cripple Waledac permanently.

Systems infected by Waledac in February


At its peak, Waledac sent some 1.5 billion spam emails per day from tens of thousands of computers around the globe. As many as 90,000 systems were compromised at one point, but that number fell to 64,000 by early July and around 58,000 unique IP addresses were affected as of August 30.

Microsoft is contacting ISPs to inform customers that their machines are infected and cleanup is well underway. More importantly, this could set a precedent for future cases, making it easier to behead other nefarious web operations.


 
Apple was not affected here. Give it time. Once virus writers start to target Apple, you will see Apple start to do something about it. You don't see Sony, HP, Dell, or other manufacturers helping this one either, do you?

It would be interesting to know exactly how they shut this botnet down. The domains must have been attained through the USA or a friendly country... otherwise how could a USA federal court "grant Redmond legal ownership of all but one of those domains." What kind of ***** would use solely domains based in the USA?
 
We couldn't have one article about Microsoft without bringing up/bashing Apple eh? Well we probably have, but that was still a derailment.
 
Article says they're notifying infected ISPs - those would be the ones hosting the newly Microsoft-owned domains, I suppose. (Feel free to correct that...) If they're notifying the domain hosting services, how would that cripple an established botnet, which can presumably be fed its spam from pretty much anywhere?

As @anguis said, it would be interesting to see some information on how this shuts down the botnet, or if it doesn't, what exactly does shut it down.
 
Microsoft is somewhat a hypocrite. When will they simply design Windows not to have such vulnerabilities? Linux anyone?
 
tonylukac said:
Microsoft is somewhat a hypocrite. When will they simply design Windows not to have such vulnerabilities? Linux anyone?
That's a little overboard, that's like suing a car maker because your car got stolen and they didn't make the glass breakproof. Vulnerabilities exist in even Linux, and if its user base grows so will the abuse of those vulnerabilities (Ubuntu is an excellent distro to study for that effect).
 
tengeta is right... I use both Ubuntu and Windows... and if the user base was comparable to that of Windows, Linux would definitely have its share of 'botnets'... I personally think who is behind Waledac?? That's one real question which leads to why does Redmond get ownership in all but one ?? 1 ??
 
The primary reason for any system to be infected = lack of updates. You would be AMAZED to see just how many computers / servers / etc are not updated. OS updates, software updates, etc, are all necessary. Many many many people fail to keep their system up to date, and they face the consequences later when they get hacked.
 
anguis said:
The primary reason for any system to be infected = lack of updates. You would be AMAZED to see just how many computers / servers / etc are not updated. OS updates, software updates, etc, are all necessary. Many many many people fail to keep their system up to date, and they face the consequences later when they get hacked.

Amen to that.
 
The entire of the UK is covered in red markers... We're invisible I tell ya! :D

Don't worry you aren't alone in that, whole of the US is covered in RED as well, good thing we aren't living in the days of Cold War .........

Microsoft is somewhat a hypocrite. When will they simply design Windows not to have such vulnerabilities? Linux anyone?

Linux isn't the safest OS out there, it has about the same (or worse security issues, Secunia) .... it is just that they are inferior target alongside Apple's OS because of simple reason, lot less users, hence the economy of scales sort of keeps them safe for now.
 
Archean said:
Microsoft is somewhat a hypocrite. When will they simply design Windows not to have such vulnerabilities? Linux anyone?

Linux isn't the safest OS out there, it has about the same (or worse security issues, Secunia) .... it is just that they are inferior target alongside Apple's OS because of simple reason, lot less users, hence the economy of scales sort of keeps them safe for now.

It's like Android, that's targeted more than Windows Mobile.
 