Skip to main content

Court Approves Microsoft Action Against Waledac Botnet

In an unusual move, a federal judge in Alexandria, Virginia, granted a request from software giant Microsoft for an ex parte temporary restraining order to deactivate some 277 Internet domains used in the command-and-control infrastructure of the Waledac botnet, which is estimated to have infected more than 75,000 computers worldwide and generate untold millions of spam messages. Pursuant to the order, Network Solutions shut down the domains, in theory cutting off numerous Waledac-infected computers from the cybercriminals and scammers controlling them remotely. The unusual order was carried out without any attempt to inform the “John Does” to which is was being applied; of course, that surprise factor is the only thing that lets such a domain shutdown be effective: with warning, the crooks would just migrate the botnet to new domains.

“The takedown of the Waledac botnet that Microsoft executed this week—known internally as “Operation b49″—was the result of months of investigation and the innovative application of a tried and true legal strategy,” wrote Microsoft associate general counsel Tim Cranton in the official Microsoft blog. Microsoft describes Waledac as one of the ten largest botnets in the United States, and said from December 3 to 21 of 2009 Waledoc-infected machines pointed Microsoft’s Hotmail email service with more than 650 million spam messages.

The legal action against the operators of the Waledac botnet is the first of its kind, and Microsoft promises it won’t be the last. However, the ex parte nature of the action may begin to establish a legal precedent that it’s OK to order domains to be taken offline so long someone can convince a judge such an action has concrete benefits to consumers and businesses. As part of its complaint (PDF), Microsoft highlighted damages being done to Internet users around the world by the Waledac botnet, as well as the expense and lost productivity companies have faced trying to deal with Waledac spam and infections.

Image: Waledac infections around the world during a recent 24-hour period. (Microsoft)

Editors' Recommendations

Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
Signs point to Microsoft finally giving up on the Surface Connect port
The Surface Thunderbolt 4 Dock is available today for $300.

Microsoft has remained diligently dedicated to its proprietary Surface Connect port over the years. But now, Microsoft is swapping out its proprietary Surface Connect port for a more conventional Thunderbolt 4 on the latest version of its Surface Dock, which the company announced on Tuesday.

This is a first for Microsoft, which has used its proprietary Surface Connect port since 2014 starting with the Surface Pro 3.

Read more
Microsoft Teams is about to get faster and much easier to use
Microsoft said that Teams has received a ground-up redesign, which will “empower customers to navigate the challenges of the evolving modern workplace.”

Microsoft has announced a major revamp of the Teams application for Windows, which was made available as a public preview on Monday.

The brand said that Teams has received a ground-up redesign, which will “empower customers to navigate the challenges of the evolving modern workplace.”

Read more
Bing Chat: how to use Microsoft’s own version of ChatGPT
Bing Chat shown on a laptop.

Bing Chat is Microsoft's answer to ChatGPT -- in fact, it's based on the same technology that makes OpenAI's chatbot run.

But Microsoft has a very different approach, integrating generative AI directly into its Edge web browser and Bing search engine. It's even coming to the entire suite of Office apps in the future. Here's how to sign up and use Bing Chat today.
How to get Bing Chat

Read more