Waledac botnet

From HandWiki
Short description: Spam email botnet

Waledac, also known by its aliases Waled and Waledpak, was a botnet mostly involved in e-mail spam and malware. In March 2010 the botnet was taken down by Microsoft.[1][2]

Operations

Before its eventual takedown, the Waledac botnet consisted of an estimated 70,000–90,000 computers infected with the "Waledac" computer worm.[1] The botnet itself was capable of sending about 1.5 billion spam messages a day, or about 1% of the total global spam volume.[2][3]

On February 25, 2010, Microsoft won a court order which resulted in the temporary cut-off of 277 domain names which were being used as command and control servers for the botnet, effectively crippling a large part of the botnet.[4] However, besides operating through command and control servers the Waledac worm was also capable of operating through peer-to-peer communication between the various botnet nodes, which means that the extent of the damage was difficult to measure.[5] Codenamed 'Operation b49', an investigation was conducted for some months which thereby yielded an end to the 'zombie' computers. More than a million 'zombie' computers were brought out of the garrison of the hackers but still infected.[6]

In early September 2010, Microsoft was granted ownership of the 277 domains used by Waledac to broadcast spam email.[7]

The botnet was particularly active in North America and Europe and India, Japan and China.[8]

See also

References

  1. 1.0 1.1 Goodin, Dan (2010-03-16). "Waledac botnet 'decimated' by MS takedown; Up to 90,000 zombies freed". theregister.co.uk. London, UK: The Register. https://www.theregister.co.uk/2010/03/16/waledac_takedown_success/. 
  2. 2.0 2.1 Whitney, Lance (2010-02-25). "With legal nod, Microsoft ambushes Waledac botnet | Security - CNET News". News.cnet.com. http://news.cnet.com/8301-1009_3-10459558-83.html. 
  3. Claburn, Thomas. "Microsoft Decapitates Waledac Botnet". InformationWeek. http://www.informationweek.com/news/hardware/desktop/showArticle.jhtml?articleID=223100747. 
  4. Leyden, John (2010-02-25). "MS uses court order to take out Waledac botnet; Zombie network decapitated. For now". theregister.co.uk. London, UK: The Register. https://www.theregister.co.uk/2010/02/25/ms_waledac_takedown/. 
  5. "Waledac Botnet - Deployment & Communication Analysis". FortiGuard. 2009-09-30. http://www.fortiguard.com/analysis/waledacanalysis.html. 
  6. Help Net Security (26 February 2010). "Microsoft cripples the Waledac botnet". Net-security.org. http://www.net-security.org/secworld.php?id=8926. 
  7. Acohido, Byron (2010-09-08). "Microsoft gets legal might to target spamming botnets". USA Today. https://www.usatoday.com/tech/news/2010-09-08-botnets08_ST_N.htm. 
  8. "Microsoft goes to court to take down the Waledac botnet" (in en). 25 February 2010. https://www.theguardian.com/technology/blog/2010/feb/25/microsoft-waledac-botnet-beheaded. 

External links



Retrieved from "https://handwiki.org/wiki/index.php?title=Waledac_botnet&oldid=3371881"