
Court Approves Microsoft Action Against Waledac Botnet

In an unusual move, a federal judge in Alexandria, Virginia, granted a request from software giant Microsoft for an ex parte temporary restraining order to deactivate some 277 Internet domains used in the command-and-control infrastructure of the Waledac botnet, which is estimated to have infected more than 75,000 computers worldwide and generated untold millions of spam messages. Pursuant to the order, Network Solutions shut down the domains, in theory cutting off numerous Waledac-infected computers from the cybercriminals and scammers controlling them remotely. The unusual order was carried out without any attempt to inform the “John Does” to which it was being applied; of course, that surprise factor is the only thing that lets such a domain shutdown be effective: with warning, the crooks would just migrate the botnet to new domains.


“The takedown of the Waledac botnet that Microsoft executed this week—known internally as ‘Operation b49’—was the result of months of investigation and the innovative application of a tried and true legal strategy,” wrote Microsoft associate general counsel Tim Cranton in the official Microsoft blog. Microsoft describes Waledac as one of the ten largest botnets in the United States, and said that from December 3 to 21, 2009, Waledac-infected machines targeted Microsoft’s Hotmail email service with more than 650 million spam messages.

The legal action against the operators of the Waledac botnet is the first of its kind, and Microsoft promises it won’t be the last. However, the ex parte nature of the action may begin to establish a legal precedent that it’s OK to order domains to be taken offline so long as someone can convince a judge that such an action has concrete benefits to consumers and businesses. As part of its complaint (PDF), Microsoft highlighted the damage being done to Internet users around the world by the Waledac botnet, as well as the expense and lost productivity companies have faced trying to deal with Waledac spam and infections.

Image: Waledac infections around the world during a recent 24-hour period. (Microsoft)

Geoff Duncan
Former Digital Trends Contributor