James Delahunty
17 Mar 2010 0:43
Research is showing that action taken by Microsoft and others to tackle the Waledac botnet have been effective. Microsoft's "Operation b49" employed a number of technical measures coupled with court actions to cut off the controllers of the spam-spewing botnet from the 70,000 - 90,000 infected PCs.
"While it is still too early to know the entire scope of this particular takedown's impact, early returns show that Operation b49 has been delivering on the disruption of Waledac and helping to map new territory in the fight against botnets," Microsoft's Jeff Williams said.
He said that data from Microsoft and other security researchers "indicate that our actions have effectively decimated communications within the Waledac bot network." An analysis by the Shadowserver Foundation of honeypot PCs (machines allowed to be infected by researchers to observe their behavior) showed that commands received by the infected machines plummeted.
Additionally, the "honeypot" machines are no longer spewing spam. A firm called Sudosecure has also witnessed a sharp decline in the number of new IP addresses joining the Waledac network.
Waledac is responsible for millions upon millions of spam messages being spread across the Internet. Between December 3 and December 21, Hotmail caught 651 million spam e-mails from the Waledac network destined for users' accounts.