Waledac botnet

Waledac, also known by its aliases Waled and Waledpak,^[1] was a botnet mostly involved in e-mail spam. In March 2010 the botnet was taken down by Microsoft.^[2]^[3]

Operations [edit]

Before its eventual take down the Waledac botnet consisted of an estimated 70,000-90,000 ^[2] computers infected with the "Waledac" computer worm. The botnet itself was capable of sending about 1.5 billion spam messages a day, or about 1% of the total global spam volume.^[3]^[4]

On February 25, 2010, Microsoft won a court order which resulted in the temporal cut-off of 277 domain names which were being used as command and control servers for the botnet, effectively crippling a large part of the botnet.^[5] However, besides operating through command and control servers the Waledac worm is also capable of operating through peer-to-peer communication between the various botnet nodes, which means that the extent of the damage is difficult to measure.^[6] Codenamed 'Operation b49', an investigation was conducted for some months which thereby yielded an end to the 'zombie' computers. More than a million 'zombie' computers were brought out of the garrison of the hackers but still infected.^[7]

In early September 2010, Microsoft was granted ownership of the 276 domains used by Waledac to broadcast spam email.^[8]

References [edit]

^ "Waledac". M86 Security. 2009-04-20. Retrieved 2010-07-30.
^ ^a ^b http://www.theregister.co.uk/2010/03/16/waledac_takedown_success/
^ ^a ^b Whitney, Lance (2010-02-25). "With legal nod, Microsoft ambushes Waledac botnet | Security - CNET News". News.cnet.com. Retrieved 2010-07-30.
^ Claburn, Thomas. "Microsoft Decapitates Waledac Botnet". InformationWeek. Retrieved 2010-07-30.
^ http://www.theregister.co.uk/2010/02/25/ms_waledac_takedown/
^ "Waledac Botnet - Deployment & Communication Analysis". FortiGuard. 2009-09-30. Retrieved 2010-07-30.
^ http://www.net-security.org/secworld.php?id=8926
^ Acohido, Byron (2010-09-08). "Microsoft gets legal might to target spamming botnets". USA Today.

External links [edit]

[m86security-1] "Waledac". M86 Security. 2009-04-20. Retrieved 2010-07-30.

[theregister-2] ttp://www.theregister.co.uk/2010/03/16/waledac_takedown_success/

[cnet-3] Whitney, Lance (2010-02-25). "With legal nod, Microsoft ambushes Waledac botnet | Security - CNET News". News.cnet.com. Retrieved 2010-07-30.

[informationweek-4] Claburn, Thomas. "Microsoft Decapitates Waledac Botnet". InformationWeek. Retrieved 2010-07-30.

[5] ttp://www.theregister.co.uk/2010/02/25/ms_waledac_takedown/

[fortiguard-6] "Waledac Botnet - Deployment & Communication Analysis". FortiGuard. 2009-09-30. Retrieved 2010-07-30.

[7] ttp://www.net-security.org/secworld.php?id=8926

[8] Acohido, Byron (2010-09-08). "Microsoft gets legal might to target spamming botnets". USA Today.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

Waledac botnet

Contents

Operations [edit]

See also [edit]

References [edit]

External links [edit]

Navigation menu

Personal tools

Namespaces

Variants

Views

Actions

Search

Navigation

Interaction

Toolbox

Print/export

Languages