Slashdot Mirror

← Back to Stories (view on slashdot.org)

Waledac Botnet Now Completely Offline, Experts Say

Posted by kdawson on from the it's-dead-jim dept.

Trailrunner7 writes "After Microsoft's actions to take down the Waledac botnet last month, there was some question about whether the operation was much more than a grab for headlines that would have little effect on actual spam levels or malware infections. But more than three weeks after the takedown, researchers say that Waledac has essentially ceased communications and its spam operations have dropped to near zero. One researcher said that Waledac now seems to be abandoned. 'It looks crippled, if not dead,' said Jose Nazario, a senior security researcher at Arbor Networks."

4 of 91 comments (clear)

  1. Still however useless by 0racle · · Score: 4, Insightful

    question about whether the operation was much more than a grab for headlines that would have little effect on actual spam levels or malware infections

    I think everyone knew the answer was, no it will not have an effect on spam levels or malware infections. Oh it succeeded in taking the botnet offline, MS did something real here, but taking just one offline doesn't mean much.

    --
    "I use a Mac because I'm just better than you are."
    1. Re:Still however useless by plover · · Score: 4, Insightful

      This was a lot larger than taking down a rogue host. This is 1,500,000,000 fewer spams per day on the net.

      Cut out two billion spams here and there and pretty soon you're talking about real effectiveness.

      Sure, they could probably do more, but every journey begins with a single step. Shut down the easy ones first. Pick the low-hanging fruit. Then go back and take down another, and another. At this point it could be all they could get done in a short amount of time, and in any case it's still a good start.

      --
      John
    2. Re:Still however useless by Alwin+Henseler · · Score: 5, Insightful

      As long as the source of the spam/malware problem isn't held accountable, nothing much will change.

      The ultimate source (not cause!) of this problem is of course users that get spam, and then go on to send money to the folks that spammed them. But next in line are those companies that use spam, spread through malware-infected PC's, to sell their products (or sell worthless/dangerous crap, for that matter). Such shady companies should be put out of business, their CEO's thrown in jail ASAP (through whatever -legal- means), and profits confiscated to support the anti-spam operation.

      Focussing on botnets is a good thing, but IMHO useless. Focussing on the folks running them is better, but the next botnet-operator-wannabee will step right in. Instead, efforts should focus on the businesses paying these fuckers.

    3. Re:Still however useless by Moryath · · Score: 3, Insightful

      Sadly true. Waledac might have been a "mature and no longer really expanding" botnet. Botnets do have a certain shelf-life before they start to die through attrition; either the maker comes up with a new propagation method (virus/etc), or it hits a point and stops really expanding, followed by the slow inevitable decline as machines die, or get reformatted, or get overwritten by a newer botnet. There have been botnets that targeted other botnets for invasion/absorption quite a few times.

      If this can help catch and destroy botnets earlier on, it might be more effective.

      The better goal should, of course, be to make systems (and users) more spam-proof. User education would be a good start, as would home ISP's putting everyone's computers behind a proper NAT rather than using cable modems that expose the user to the naked wild. I've seen more home users who "just put up with" what would seem to be obvious virus/problem behavior merely because they were terrified of having to back up their data or reformat...