Security Corner

Feb 27 2010   2:02AM GMT

Waledac is Now Virtually Headless

Ken Harthun

Waledac Infections Worldwide

Microsoft isn’t playing around anymore.  Through legal action and technical cooperation with industry partners, they have managed to take down Waledac, a large and well-known spambot that is estimated to have infected hundreds of thousands of computers worldwide. According to their blog, “…Microsoft found that between December 3-21, 2009, approximately 651 million spam emails attributable to Waledac were directed to Hotmail accounts alone, including offers and scams related to online pharmacies, imitation goods, jobs, penny stocks and more.”

On February 22, in response to a complaint filed by Microsoft (“Microsoft Corporation v. John Does 1-27, et. al.”, Civil action number 1:10CV156) in the U.S. District Court of Eastern Virginia, a federal judge granted a temporary restraining order cutting off 277 Internet domains believed to be run by criminals as the Waledac bot.

This is good news! Cutting them off at the .com domain level is a virtual beheading.

This action has quickly and effectively cut off traffic to Waledac at the “.com” or domain registry level, severing the connection between the command and control centers of the botnet and most of its thousands of zombie computers around the world. Microsoft has since been taking additional technical countermeasures to downgrade much of the remaining peer-to-peer command and control communication within the botnet, and we will continue to work with the security community to mitigate and respond to this botnet.

Click here for a map of the infection.
