Microsoft has successfully taken legal action to shut down the control structure of the network behind the Waledac botnet that is responsible for 1.5 billion spam emails daily.
In the US District Court of Eastern Virginia, a federal judge granted Microsoft’s request against 273 domain names believed to be hubs for control of the Waledac botnet. A Microsoft analysis concluded that the Waledac botnet was responsible for almost 651 million spam emails being sent to Hotmail addresses between December 3-21, 2009.
“This action has quickly and effectively cut off traffic to Waledac at the ‘.com’ or domain registry level, severing the connection between the command and control centers of the botnet and most of its thousands of zombie computers around the world,” Tim Cranton, Microsoft’s associate general counsel, wrote in a Feb. 25 posting on The Official Microsoft Blog. “Microsoft has since been taking additional technical countermeasures to downgrade much of the remaining peer-to-peer command and control communication within the botnet, and we will continue to work with the security community to mitigate and respond to this botnet.”
“We drafted a complaint in such a way that explained to the court that the amount of damages to consumers across the world and also other companies in addition to Microsoft itself warranted the granting of this extraordinary order,” said Richard Boscovich, a senior attorney in Microsoft’s digital crime unit, in a video on the Waledac announcement in the Microsoft blog.
“It would have been impossible to sever each individual computer given the sheer magnitude and size, so we decided the best tactic would be to really build a wall between the bot herder, the command computer and all of the other computers,” he said.
To help make sure you are not infected by this or other botnets, follow the “protect your PC” guidance available at http://www.microsoft.com/protect.