Microsoft announced this week that, together with industry partners, it has executed a major botnet takedown of Waledac, a large and well-known “spambot.”
Botnets are networks of compromised computers controlled by "bot herders" or "bot masters" that use the thousands (sometimes millions) of compromised machines to distribute adware, spyware and spam emails and to launch DDoS attacks. Botnets are typically installed onto end users' machines through web browser vulnerabilities, worms, Trojan horses, or backdoors. A "bot master" will then control the machines by IRC commands to launch attacks or send email spam.
Microsoft, a founding member of the Botnet Task Force, said it was proud to announce the takedown of the Waledac botnet, known internally at Microsoft as “Operation b49”. Tim Cranton, Associate General Counsel at Microsoft, said the result was due to months of investigation and legal strategy. "At Microsoft, we don’t accept the idea that botnets are a fact of life. Given the recent spread of botnets, we are getting even more creative and aggressive in the fight against botnets and all forms of cybercrime," he said in a statement.
A Federal Judge from the U.S. District Court of Eastern Virginia granted a temporary restraining order (PDF) cutting off 277 Internet domains associated with the Waledac botnet. The botnet was believed to have the capacity to send over 1.5 billion spam emails per day. Microsoft claims that in December alone, approximately 651 million spam emails attributable to Waledac were directed to Hotmail accounts. The emails included offers and scams related to online pharmacies, imitation goods and jobs. For the general Internet user, hopefully this will result in fewer offers of Viagra, Nigerian lottery winnings and penis enlargement services. Wishful thinking?
Image of Waledac bot compromised computers