Microsoft spearheads operation against major spamming botnet

Spearheaded by Microsoft, a team of security experts from The Shadowserver Foundation, Symantec, the University of Washington, as well as researchers from Germany and Austria successfully took down the Waledac botnet. Waledac is the second-generation iteration of the Storm botnet, and widely believed to have been created by the same people.

Waledac is a highly sophisticated botnet that utilizes a complicated peer-to-peer communication mechanism to maintain cohesion between hosts and its command and control (C&C) servers. Part of what made the operation successful was the taking down of 277 dot com domains on the Internet that served as Waledac's C&C servers.

The domains were cut off after Microsoft secured a federal court order, and was the culmination of months of investigations. The team was able to trick bots into connecting with servers prepared by the team instead. As a result, 90 percent of the botnet was diverted from the Waledac's C&C network within six hours, essentially shutting down the botnet.

For more on this story:
- check out this article at Dark Reading
- check out this article at Network World

Related Articles:
One on One with Jared Spataro of Microsoft
Will Microsoft pursue an acquisition of RIM?
Microsoft puts kibosh on tell-all site, then relents