Skip to main content
  1. Home
  2. Computing
  3. News

Court Approves Microsoft Action Against Waledac Botnet

By

In an unusual move, a federal judge in Alexandria, Virginia, granted a request from software giant Microsoft for an ex parte temporary restraining order to deactivate some 277 Internet domains used in the command-and-control infrastructure of the Waledac botnet, which is estimated to have infected more than 75,000 computers worldwide and generate untold millions of spam messages. Pursuant to the order, Network Solutions shut down the domains, in theory cutting off numerous Waledac-infected computers from the cybercriminals and scammers controlling them remotely. The unusual order was carried out without any attempt to inform the “John Does” to which is was being applied; of course, that surprise factor is the only thing that lets such a domain shutdown be effective: with warning, the crooks would just migrate the botnet to new domains.

Image used with permission by copyright holder

“The takedown of the Waledac botnet that Microsoft executed this week—known internally as “Operation b49″—was the result of months of investigation and the innovative application of a tried and true legal strategy,” wrote Microsoft associate general counsel Tim Cranton in the official Microsoft blog. Microsoft describes Waledac as one of the ten largest botnets in the United States, and said from December 3 to 21 of 2009 Waledoc-infected machines pointed Microsoft’s Hotmail email service with more than 650 million spam messages.

Recommended Videos

The legal action against the operators of the Waledac botnet is the first of its kind, and Microsoft promises it won’t be the last. However, the ex parte nature of the action may begin to establish a legal precedent that it’s OK to order domains to be taken offline so long someone can convince a judge such an action has concrete benefits to consumers and businesses. As part of its complaint (PDF), Microsoft highlighted damages being done to Internet users around the world by the Waledac botnet, as well as the expense and lost productivity companies have faced trying to deal with Waledac spam and infections.

Related

Image: Waledac infections around the world during a recent 24-hour period. (Microsoft)

Editors’ Recommendations

Topics
Geoff Duncan
Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
Microsoft outlines Recall security: ‘The user is always in control’
Recall promotional image.

Microsoft just released an update regarding the security and privacy protection in Recall. The blog post outlines the measures Microsoft is taking to prevent a data privacy disaster, including security architecture and technical controls. A lot of the features highlight that Recall is optional, and that's despite the fact that Microsoft recently confirmed that it cannot be uninstalled.

Microsoft's post is lengthy and covers just about every aspect of the security challenges that its new AI assistant has to face. One of the key design principles is that "the user is always in control." Users will be given the choice of whether they want to opt in and use Recall when setting up their new Copilot+ PC.

Read more
Sorry, Microsoft — AI isn’t the reason people are buying new laptops
Asus Vivobook S 15 CoPilot+ front angled view showing display and keyboard.

New research by the International Data Corporation (IDC) shows that although AI PCs are selling well and will likely continue to, it's not the onboard generative AI that's driving sales -- it's just the usual refresh cycle.

Companies like Microsoft are aggressively pushing the advantages of generative AI for the average consumer's workflow, but the IDC thinks customers aren't responding to the AI features specifically. People need new PCs on a regular basis -- which we call a refresh cycle -- and since so many of the laptops launching this year are AI PCs, the consumers who need upgrades are naturally just buying what's available.

Read more
Microsoft is giving up control of the Copilot key
Windows 11 logo on a laptop.

In a Windows Insider Blog post, Microsoft recently announced that it is rolling out the Windows 11 Insider Preview Build 22635.4225 (KB5043186) update. It's a relatively small update, but it finally gives users control of the dedicated Copilot key that's showing up on an increasing number of laptops.

In the blog post, Microsoft detailed how it is giving users more customization freedom by adding the option to configure the Copilot key, which can open an app that's MSIX packaged and signed. This is good news since the app meets security and privacy requirements to keep your PC safe. When the option is available more broadly, you should find it by going to Settings > Personalization> Text Input.

Read more