Waledac botnet
Encyclopedia
Waledac, also known by its aliases Waled and Waledpak, was a botnet
mostly involved in e-mail spam
. In March 2010 the botnet was taken down by Microsoft
.
. The botnet itself was capable of sending about 1.5 billion spam messages a day, or about 1% of the total global spam volume.
On February 25, 2010, Microsoft
won a court order which resulted in the temporal cut-off of 277 domain name
s which were being used as command and control servers for the botnet, effectively crippling a large part of the botnet. However, besides operating through command and control servers the Waledac worm is also capable of operating through peer-to-peer
communication between the various botnet nodes, which means that the extent of the damage is difficult to measure.
Codenamed 'Operation b49', an investigation was conducted for some months which thereby yielded an end to the 'zombie' computers. More than a million 'zombie' computers were brought out of the garrison of the hackers but still infected.
In early September 2010, Microsoft
was granted ownership of the 276 domains used by Waledac to broadcast spam email.
Botnet
A botnet is a collection of compromised computers connected to the Internet. Termed "bots," they are generally used for malicious purposes. When a computer becomes compromised, it becomes a part of a botnet...
mostly involved in e-mail spam
E-mail spam
Email spam, also known as junk email or unsolicited bulk email , is a subset of spam that involves nearly identical messages sent to numerous recipients by email. Definitions of spam usually include the aspects that email is unsolicited and sent in bulk. One subset of UBE is UCE...
. In March 2010 the botnet was taken down by Microsoft
Microsoft
Microsoft Corporation is an American public multinational corporation headquartered in Redmond, Washington, USA that develops, manufactures, licenses, and supports a wide range of products and services predominantly related to computing through its various product divisions...
.
Operations
Before its eventual take down the Waledac botnet consisted of an estimated 70,000-90,000 computers infected with the "Waledac" computer wormComputer worm
A computer worm is a self-replicating malware computer program, which uses a computer network to send copies of itself to other nodes and it may do so without any user intervention. This is due to security shortcomings on the target computer. Unlike a computer virus, it does not need to attach...
. The botnet itself was capable of sending about 1.5 billion spam messages a day, or about 1% of the total global spam volume.
On February 25, 2010, Microsoft
Microsoft
Microsoft Corporation is an American public multinational corporation headquartered in Redmond, Washington, USA that develops, manufactures, licenses, and supports a wide range of products and services predominantly related to computing through its various product divisions...
won a court order which resulted in the temporal cut-off of 277 domain name
Domain name
A domain name is an identification string that defines a realm of administrative autonomy, authority, or control in the Internet. Domain names are formed by the rules and procedures of the Domain Name System ....
s which were being used as command and control servers for the botnet, effectively crippling a large part of the botnet. However, besides operating through command and control servers the Waledac worm is also capable of operating through peer-to-peer
Peer-to-peer
Peer-to-peer computing or networking is a distributed application architecture that partitions tasks or workloads among peers. Peers are equally privileged, equipotent participants in the application...
communication between the various botnet nodes, which means that the extent of the damage is difficult to measure.
Codenamed 'Operation b49', an investigation was conducted for some months which thereby yielded an end to the 'zombie' computers. More than a million 'zombie' computers were brought out of the garrison of the hackers but still infected.
In early September 2010, Microsoft
Microsoft
Microsoft Corporation is an American public multinational corporation headquartered in Redmond, Washington, USA that develops, manufactures, licenses, and supports a wide range of products and services predominantly related to computing through its various product divisions...
was granted ownership of the 276 domains used by Waledac to broadcast spam email.