Coreflood Takedown Raises Questions About Offensive Actions Against Botnets

For just about as long as there have been botnets, there’s been an ongoing discussion in the security and law-enforcement communities about the legality and ethics of taking proactive steps to disrupt the botnets’ operations and even to remove the bots from infected machines. Until very recently,...

FBI vs Coreflood botnet

FBI vs Coreflood botnet The FBI's unprecedented effort to behead the Coreflood botnet—comprised of millions of hacked Windows machines—appears to be working, at least for now. The bureau has tracked a dramatic decline in the number of pings from the botnet since the takedown operation began earli...

FBI cracks International Bot Network !

FBI cracks International Bot Network ! The Department of Justice and FBI declared that it has cracked a network of hackers, who have infected almost 2 million computers with a harmful "bot" program, Coreflood that steals private and monetary data from computers. Identified as a "bot" network- as...

DOJ Shuts Down Botnet, Disables Infected Systems

The U.S. Department of Justice and the FBI said on Wednesday that they had taken actions to disable an international botnet of more than two million infected computers that was stealing corporate data including user names, passwords and financial information. Thirteen unnamed “John Doe” defendent...

Mariposa: December, 2009

The takedown of the Mariposa botnet is an example of both the possibilities and complications facing law enforcement around the world as they work to stamp out botnets. A cyberlaw enforcement success story, the take down of Mariposa by Spanish authorities in December, 2009, followed months of wor...

Mega-D: March, 2010

The takedown of Mega-D, also known as Ozdok, was spearheaded by researchers at anti-botnet firm FireEye. The botnet, a byproduct of PC infections linked to the Mega-D Trojan, comprised tens of thousands of machines and was responsible for sending out a large portion of the spam on the Internet–at...

Waledac: March, 2010

Though not nearly as large or important a botnet, Waledac – which counted fewer than 100,000 infected hosts at its height – was notable for the tactics that researchers used to dismantle the botnet. Microsoft worked with a group of researchers at the University of Mannheim, the University of Vien...

Bredolab: October, 2010

At its height, the Bredolab botnet numbered more than three million hosts and was responsible for 30 million infections and 3.6 billion spam e-mails daily.The global botnet was brought down by the Dutch cyber crime unit, which seized the command and control infrastructure used by the botnet and,...

Pushdo/Cutwail: August, 2010

One of the world’s most prolific botnets and a leading source of spam, denial of service attacks and malware, Pushdo was brought down by researchers at the security firm Last Line of Defense, who worked with hosting providers to seize 30 command-and-control servers involved in the botnet...

Rustock: March, 2011

By the time U.S. Marshals, in the company of Microsoft Corp. attorneys, busted into the data centers of dozens of U.S. hosting firms to shut down the Rustock botnet in March, 2011, it was the main source of global spam. The takedown was notable for the success Microsoft had in using the courts to...

Report: Rustock Operators or Operator

A Krebsonsecurity piece looks into the unknown party behind the Rustock botnet, and whether it may have been operated by just one person. By interviewing investigators involved in the takedown, a joint operation carried out by Microsoft, FireEye, and various law enforcement agencies, Krebs...

Spam Down 40 Percent in Rustock's Absence

The takedown of the Rustock botnet has measurably reduced the amount of spam e-mail, according to an IBM Internet Security Systems report. IBM said it has observed a sustained drop off of between 35% and 40% in global spam levels almost a week after law enforcement in the U.S. and abroad, along...

Reports: Rustock Born in the USA

U.S. hosting firms accounted for the bulk of the command and control centers for the Rustock botnet, with many firms claiming that they had no idea they were harboring an illegal criminal network on their infrastructure, according to a story in Krebsonsecurity.com. Threatpost reported last week...

Lessons From the Rustock Takedown

As a follow-up to the Rustock botnet news, Microsoft have identified themselves as the key instigators of the takedown. This is the second time Microsoft’s legal team has been actively involved in combating the botnet menace – and they obviously learned from their previous attempt at trying to...

Threatpost News Roundup on ITEC This Week

It was a big week in security, what with the takedown of the Rustock botnet takedown, there was a major attack against security firm RSA Security. Threatpost Editor Paul Roberts had a chance to sit down with Bill Sell, host of the weekly IT security news show ITEC This Week on the Pulse Network...

Alex Lanstein on the Rustock Botnet Takedown

Dennis Fisher talks with Alex Lanstein of FireEye about this week’s takedown of the Rustock botnet, the important legal precedent it helped set with Microsoft’s lawsuit and the mechanics behind the operation and dismantling of large-scale botnets. Podcast audio courtesy of sykboy65 Subscribe to t...

Microsoft, FireEye Take Down Notorious Rustock Botnet

Being a botnet operator has traditionally been a fairly reliable and easy way to make money. But it’s starting to become a slightly dicier occupation these days, as evidenced by the news of the takedown of the venerable and virulent Rustock botnet by researchers at Microsoft and FireEye. Rustock...

Microsoft brings down world's biggest spam network !

A Microsoft lawsuit, unsealed earlier today, is responsible for causing government raids last Wednesday that lead to the downfall of the world's biggest spam network, Rustock. Microsoft's Digital Crimes Unit used information gained in its 2010 takedown of the Waledac botnet to work with the U.S...

Rustock Botnet: Dead Or Just Reloading?

Reports indicate that the massive drop in spam levels are linked to the sudden disappearance of the Rustock botnet. However, recent history suggests the interruption may only be temporary. Spamhaus’s Composite Spam Blocklist CBL claims that dozens of Rustock’s internet servers, which for years ha...

New Analysis Shows Pushdo Botnet Sent Trillions of Spam Emails, Generated Millions in Profits

A new, detailed analysis of the operations of the infamous Cutwail/Pushdo botnet shows that the network, which had been he target of several takedown attempts in the last couple of years, is not only amazingly resilient, but also is incredibly prolific, with one section of the botnet sending more...