Microsoft’s botnet beheading frees 90,000 zombies

Hani Megerisi March 17, 2010

Microsoft has claimed the Waledac botnet has been “effectively decimated”, after it severed between 70,000 and 90,000 zombie PCs from the network.

Microsoft's botnet beheading frees 90,000 zombies

“Researchers… who track new Waledac infections, have data showing a dramatic decline in new IP addresses appearing within the Waledac network, meaning that Waledac is no longer spreading its infection to other computers,” said Microsoft Malware Protection Centre’s director Jeff Williams, in a post on the company’s blog.

The goal was to disrupt the bot and to learn from that disruption for future actions

The firm claimed the figures were proof that Operation b49 – which forced Verisign to deactivate 277 domain names being used to issue instructions to the botnet – had been a success.

“While it is still too early to know the entire scope of this particular takedown’s impact, early returns show that Operation b49 has been delivering on the disruption of Waledac and helping to map new territory in the fight against botnets,” he wrote.

However, Microsoft cautioned that despite the success of the campaign, the computers were still infected with malware despite being cut off. Indeed, Williams claimed that roughly half of the computers “once under the control of Waledac are still trying to send spam – and are in fact doing so at higher levels today than they were in our December analysis”.

Microsoft argued this was due to computers being infected with other malware which “may still be directing them [the zombie computers] to conduct attacks outside of Waledac’s control structure”.

“Waledac itself is just one of many sources of spam on the internet and we never intended Operation b49 to appreciably shrink worldwide spam volumes. The goal, rather, was to disrupt the bot and to learn from that disruption for future actions.”

Mikko Hypponen, chief research office of F-Secure, agreed that the problem of botnets still persisted. “This simply cut the head of the beast. The infected machines are still infected. Owners of those machines still have no idea that they are infected. Their machines simply can’t be controlled by the bad guys any more.”

“Waledac wasn’t the biggest of our headaches,” he added. “It was already declining as a botnet and was not one of the major sources of spam. Nevertheless, good riddance… it was a great takedown and all thanks to Microsoft.”

Send Email

Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.

You may also like
Amazon Prime Windows 10 App
How to Remove Your History and Watchlist from Amazon Prime Video

Steve Larner September 19, 2023

Facebook How to Make Profile Private
How to Make Your Profile Private On Facebook

Evan Gower September 19, 2023

best_vpn_for_the_usa
Best USA VPN: The Best Options for Streaming and Surfing Stateside

Stuart Andrews September 18, 2023

Send To Someone

Missing Device

    Todays Highlights
    How to Change the Location on a FireStick

    Lee Stanton April 1, 2023

    How to See Google Search History
    How to View Your Google Search History

    Steve Larner March 7, 2023

    How to Change Your User Name in Zoom

    Lee Stanton August 23, 2022

    How to Use Inspect Element

    Lee Stanton August 16, 2022

    how to download photos from google photos
    How to Download Photos from Google Photos

    Cassandra McBride December 3, 2022

    How to Change Your Username on Fortnite

    Lee Stanton February 20, 2023