Waledac botnet explained

Waledac, also known by its aliases Waled and Waledpak, was a botnet mostly involved in e-mail spam and malware. In March 2010 the botnet was taken down by Microsoft.[1] [2]

Operations

Before its eventual takedown, the Waledac botnet consisted of an estimated 70,000–90,000 computers infected with the "Waledac" computer worm.[1] The botnet itself was capable of sending about 1.5 billion spam messages a day, or about 1% of the total global spam volume.[2] [3]

On February 25, 2010, Microsoft won a court order that resulted in the temporary cut-off of 277 domain names being used as command and control servers for the botnet, effectively crippling a large part of it.[4] However, besides operating through command and control servers, the Waledac worm was also capable of operating through peer-to-peer communication between the various botnet nodes, which means that the extent of the damage was difficult to measure.[5] The action followed an investigation, codenamed 'Operation b49', that was conducted over some months and brought the 'zombie' network to an end. More than a million 'zombie' computers were removed from the hackers' control but remained infected.[6]

In early September 2010, Microsoft was granted ownership of the 277 domains used by Waledac to broadcast spam email.[7]

The botnet was particularly active in North America, Europe, India, Japan and China.[8]

Notes and References

  1. Goodin, Dan. Waledac botnet 'decimated' by MS takedown; Up to 90,000 zombies freed. theregister.co.uk. London, UK. 2010-03-16. 2014-01-09.
  2. Whitney, Lance. With legal nod, Microsoft ambushes Waledac botnet | Security - CNET News. News.cnet.com. 2010-02-25. 2010-07-30.
  3. Claburn, Thomas. Microsoft Decapitates Waledac Botnet. InformationWeek. 2010-07-30.
  4. Leyden, John. MS uses court order to take out Waledac botnet; Zombie network decapitated. For now. theregister.co.uk. London, UK. 2010-02-25. 2014-01-09.
  5. Waledac Botnet - Deployment & Communication Analysis. FortiGuard. 2009-09-30. 2010-07-30.
  6. Help Net Security. Microsoft cripples the Waledac botnet. Net-security.org. 26 February 2010. 2014-01-09.
  7. Acohido, Byron. Microsoft gets legal might to target spamming botnets. USA Today. 2010-09-08.
  8. Microsoft goes to court to take down the Waledac botnet. the Guardian. 25 February 2010.