February 25, 2010 12:00 AM

Microsoft Shuts Down Massive Botnet

Windows IT Pro
InstantDoc ID #103645

Microsoft this week won a court order allowing it to shut down a so-called botnet that was distributing malicious software and spam. The botnet, called Waledac, is essentially a collection of tens of thousands of PCs from around the world that have been remotely taken over by hackers and organized into a cohesive network of malware-spewing hosts.

"At Microsoft, we don't accept the idea that botnets are a fact of life," says Microsoft Associate Counsel Tim Cranton. "Given the recent spread of botnets, we are getting even more creative and aggressive in the fight against botnets and all forms of cybercrime. That's why I'm proud to announce that through legal action and technical cooperation with industry partners, we have executed a major botnet takedown of Waledac, a large and well-known 'spambot'."

Microsoft's takedown of Waledac, known internally as "Operation b49," began months ago with an investigation and consultation with law enforcement. According to the software giant, Waledac is one of the 10 biggest botnets in the world, and prior to the takedown, it was spewing out over 1.5 million spam emails per day, including over 650 million spam emails to Hotmail accounts during a three-week period in December 2009 alone.

On February 22, the US District Court of Eastern Virginia granted Microsoft a temporary restraining order that cut off 277 Internet domains believed to be run by criminals and the central hub of the Waledac botnet. Additionally, 27 "John Doe" defendants were accused of violating federal computer crime laws.

The action cut off the communication channels between the hacker criminals and most of the infected computers in the botnet network. Effectively, Waledac has been taken offline, but Microsoft says it will continue taking "technical countermeasures" to prevent any remaining peer-to-peer control communications from continuing as well.

That said, the infected machines are still riddled with malware. Microsoft recommends that users follow its guidance for keeping PCs clean of malware. You can find these "Protect Your PC" resources on the Microsoft website.


Comments
  • Mushfiq
    2 years ago
    Mar 01, 2010

    While I agree that new Windows OSes (particularly Vista+) have a relatively secure design (OS X and Linux security is way overrated and in large part, probably thanks to obscurity), it gives less justification, not more for Microsoft to do what it did. Sure, I'm glad the botnet is down and the amount of spam is temporarily reduced by 10% (I don't know the actual number)... but, at the expense of giving Microsoft the right to play police. I really wish the court had not granted the order, and instead, had forced cooperation with law enforcement agents. That's about the only part I agree with infiniteloop:
    http://business.theatlantic.com/2010/02/in_microsofts_war_on_spam_do_the_ends_justify_the_means.php

    I'm glad Microsoft has a really nice OS now, but Microsoft should not become "Internet police". The police should play Internet police. Police powers are designed to be shared, not lorded over by one private entity (and I'd call myself a capitalist). How many legitimate businesses were entangled in this net? Who's responsible for those entanglements?

    Overall, the mess created is probably less than the mess cleaned up, but I don't know that the ends justify the means...

  • Dean
    2 years ago
    Feb 28, 2010

    @jersey72

    Thanks for the fine comment. I rarely respond to such stupid banter but occasionally I can't resist. You are correct, the "Trolls" are already locked in with their conviction.

  • Chris
    2 years ago
    Feb 26, 2010

    @pokeystuff:

    Great research, but don't confuse the trolls with the facts - their minds are already made up.

  • Jesse
    2 years ago
    Feb 26, 2010

    Some other articles I read online regarding Waledac claim that it was sending out over 1.5 billion spam emails per day, orders of magnitude more than Paul's article states (1.5 million). I think this must just be a typo on Paul's part.

  • Scott
    2 years ago
    Feb 26, 2010

    www.darkreading.com has an article with further details. According to them, MS did the legal legwork, and others did the techie stuff of taking down the botnet.


Windows is a trademark of the Microsoft group of companies. Windows IT Pro is used by Penton Media Inc. under license from owner.