Microsoft to Waledac: Off with Your Head!

This week, the Microsoft Digital Crimes Unit (DCU) took legal action in cooperation with other tech industry members and Microsoft’s Trustworthy Computing team (TWC) to decapitate and severely limit the activity of the spam botnet Waledac, one of the 10 largest botnets in the US and a major distributor of spam globally.

The action, codenamed Operation b49, involved months of investigation and culminated in a request by Microsoft for an ex parte (non-public) temporary restraining order (TRO) allowing the domains believed to be responsible for commanding and controlling the Waledac botnet to be cut off from the Internet.

On Monday, February 22, the US District Court for the Eastern District of Virginia issued that order and in the intervening days, the order was sealed while the registry operator VeriSign took the action to sever the domains. That severance has taken place and I’m happy to report that Waledac traffic has been disrupted significantly and we continue to work to further reduce the remaining traffic.

To see Waledac's impact for yourself, check out http://www.sudosecure.net/waledac/index.php.


More details from the DCU team on the Microsoft Blog: Cracking Down on Botnets.

Jeff

About the Author
Jeff Jones

Principal Cybersecurity Strategist

Jeff Jones is a 27-year security industry professional who has spent the last decade at Microsoft working with enterprise CSOs and Microsoft's internal teams to drive practical and measurable security improvements into Microsoft products and services. Additionally, Jeff analyzes vulnerability trends