If the issue of click fraud is a battlefield with advertisers and tech leaders on one side facing off against cyber criminals on the other, then it could easily be said that Microsoft has fired a very big shot for the good guys.
The software king opened a legal assault earlier this week against several networks of compromised computers being run by hackers, and a federal judge in Virginia agreed to the company’s request to deactivate 277 infringing domain names.
Microsoft’s suit, which was filed on Monday, specifically targets a botnet known as Waledac, as well as 27 “John Doe” defendants. The company maintains this pool of cybercrooks broke federal laws with a scheme to create bot-herders. Bot-herding is a process by which hackers use automated scans to look for vulnerable computers across several networks; each computer the hacker infects then becomes one of many zombie machines. Spam, click fraud, denial-of-service attacks and malicious software can all be spread through bot-herding, which gives the hacker complete control over an infected computer.
In the suit, Microsoft’s attorneys asked U.S. District Judge Leonie Brinkema to issue a restraining order to allow the company to cut communication channels to the botnet in stealth before its perpetrators had a chance to re-establish their links to its network.
Waledac is believed to be one of the 10 largest botnets in the U.S., with the ability to send approximately 1.5 billion spam email messages per day, while stealing sensitive information and establishing backdoor remote access on any machine it infects. Online security experts estimate the botnet has infected hundreds of thousands of computers around the world. Microsoft itself has analysis that shows more than 650 million spam emails attributed to Waledac were directed to Hotmail accounts between December 3-21 of 2009 alone. Clearly, there was a need to act and Microsoft did just that.
“The takedown of the Waledac botnet that Microsoft executed this week — known internally as Operation b49 — was the result of months of investigation and the innovative application of a tried-and-true legal strategy,” said Tim Cranton, Microsoft Associate General Counsel.
Cranton went on to say that Operation b49 had effectively shut down connections with the vast majority of Waledac-infected machines within three days of implementation and that Microsoft was aiming to make the disruption permanent. He did caution, however, that the effort would not thoroughly cleanse infected computers, which would still be hosting the original malware.
Industry experts have long agreed that online fraudsters will not be curbed merely by fighting them on a technology level. As such, in opening a new front against cyber-crime, Microsoft is being lauded for finding a legal principle with which to challenge the bot-herders on this matter, which may open new opportunities in the future for others to more aggressively fight back against cyber crime.



