A few days ago, Microsoft has requested and was granted a temporary restraining order that resulted in the takedown of 273 Internet domains that are believed to belong to criminals that operate the massive “Waledac” botnet and were being used command and control centers for all the infected zombie computers roped into the botnet:
Under the code name “Operation b49”, an investigation was conducted for months and resulted in this effective “beheading” of the botnet that was responsible for sending over 1.5 billion spam emails per day.
According to the post on Microsoft’s official blog, the complaint was filed and the court order was issued in secret, as not to alarm the bot-herders and allow them time to set up new domain names and control systems. The takedown was successful and the domains went down. The great majority of zombie computers are temporarily “free” from the grasp of the botnet operators and practically harmless.
One problem remains, though – these computers are still infected. Microsoft advises every owner of a computer to run a check and see if it’s infected with the Waledac worm or, for that matter, with any other malware. They say they will continue to make an effort to reach out to the owners of compromised computers and help them make them “clean” again.
They also say that even though that this was the first operation against this botnet, it will definitely not be the last. “At Microsoft, we don’t accept the idea that botnets are a fact of life,” they say, and pledge themselves to a continuing fight. Their goal is to make the disruption of the botnet permanent.