Forum latest

With legal nod, Microsoft ambushes Waledac botnet
Security
Written by Daniel   
Thursday, 25 February 2010 19:05

From C/Net News

Microsoft is intent on eliminating the Waledac botnet and is using the legal system to help.

Tim Cranton, Microsoft's associate general counsel, wrote Thursday on the company's blog that Microsoft has been shutting down Waledac by working with technology partners and taking legal action. In response to a complaint filed by Microsoft, a federal judge issued on Monday a temporary restraining order to shut down 227 Internet domains believed to be run by cybercriminals spreading the Waledac spambot.

 



This week's legal takedown of Waledac, known internally at Microsoft as "Operation b49," came after months of investigation, wrote Cranton. Once the company had gathered its evidence, the challenge was how to find a legal means to allow Microsoft to block the suspected domains from their botnets and stop them from further infecting and controlling their victims.

To achieve this, Microsoft looked at a legal principle called "ex parte TRO." Ex parte means without notifying the other side, and TRO stands for temporary restraining order. The ex parte aspect was crucial because severing the link between the criminals and their bots had to be done without their knowledge. Further, Microsoft needed to convince the court that such legal action was warranted. Richard Boscovich, senior attorney at Microsoft's digital crimes unit, played a role in forming the complaint.

"We drafted the complaint in such a way that explained to the court that the amount of damages to consumers across the world, and also other companies in addition to Microsoft itself, warranted the granting of this rather extraordinary order," said Boscovich toward the end of a Microsoft-created video that describes the fight against Waledac.

The legal action has already cut off access to Waledac at the domain level, according to Cranton. This means the connection has been severed between the command and control centers of the botnet and most of the infected computers worldwide. Cranton said that Microsoft is working with security organizations to take down Waledac's remaining peer-to-peer command and control connections.    [More...] [Comments...]

 

 

See also

None found.


Hardware | Windows | Linux | Security | Mobile Devices | Gaming
Tech Business | Editorial | General News | folding@home

Forum | Download Files

Copyright ©2001 - 2012, AOA Forums.  All rights reserved.

Alliance of Overclocking Arts

Links monetized by VigLink

Don't Click Here Don't Click Here Either