Slashdot Mirror

← Back to Stories (view on slashdot.org)

Waledac Botnet Now Completely Offline, Experts Say

Posted by kdawson on from the it's-dead-jim dept.

Trailrunner7 writes "After Microsoft's actions to take down the Waledac botnet last month, there was some question about whether the operation was much more than a grab for headlines that would have little effect on actual spam levels or malware infections. But more than three weeks after the takedown, researchers say that Waledac has essentially ceased communications and its spam operations have dropped to near zero. One researcher said that Waledac now seems to be abandoned. 'It looks crippled, if not dead,' said Jose Nazario, a senior security researcher at Arbor Networks."

8 of 91 comments (clear)

  1. When the stars are once again right... by fuzzyfuzzyfungus · · Score: 5, Funny

    That is not dead which can eternal lie.

    And with strange aeons even death may die.

    1. Re:When the stars are once again right... by GuJiaXian · · Score: 5, Funny

      If spam was about Cthulhu, I probably wouldn't mind it so much. If spam *is* Cthulhu, well, I'm avoiding the Hormel section at the grocery store from now on.

    2. Re:When the stars are once again right... by fuzzyfuzzyfungus · · Score: 4, Funny

      "They were not composed altogether of flesh and blood. They had shape...but that shape was not made of matter."

      Might want to stay away from the spam...

    3. Re:When the stars are once again right... by lastchance_000 · · Score: 4, Funny

      In Soviet R'lyeh, spam eats you!

  2. Still however useless by 0racle · · Score: 4, Insightful

    question about whether the operation was much more than a grab for headlines that would have little effect on actual spam levels or malware infections

    I think everyone knew the answer was, no it will not have an effect on spam levels or malware infections. Oh it succeeded in taking the botnet offline, MS did something real here, but taking just one offline doesn't mean much.

    --
    "I use a Mac because I'm just better than you are."
    1. Re:Still however useless by plover · · Score: 4, Insightful

      This was a lot larger than taking down a rogue host. This is 1,500,000,000 fewer spams per day on the net.

      Cut out two billion spams here and there and pretty soon you're talking about real effectiveness.

      Sure, they could probably do more, but every journey begins with a single step. Shut down the easy ones first. Pick the low-hanging fruit. Then go back and take down another, and another. At this point it could be all they could get done in a short amount of time, and in any case it's still a good start.

      --
      John
    2. Re:Still however useless by Alwin+Henseler · · Score: 5, Insightful

      As long as the source of the spam/malware problem isn't held accountable, nothing much will change.

      The ultimate source (not cause!) of this problem is of course users that get spam, and then go on to send money to the folks that spammed them. But next in line are those companies that use spam, spread through malware-infected PC's, to sell their products (or sell worthless/dangerous crap, for that matter). Such shady companies should be put out of business, their CEO's thrown in jail ASAP (through whatever -legal- means), and profits confiscated to support the anti-spam operation.

      Focussing on botnets is a good thing, but IMHO useless. Focussing on the folks running them is better, but the next botnet-operator-wannabee will step right in. Instead, efforts should focus on the businesses paying these fuckers.

    3. Re:Still however useless by IamTheRealMike · · Score: 5, Interesting

      There aren't that many botnets out there. I think most reputable observers peg it at around 6 or 7 big ones, from a spam perspective anyway. So taking one down is actually pretty awesome. Remember when McColo disappeared and spam levels dropped massively overnight? It wasn't that McColo itself pumped out spam, it was that the botnet C&C servers lived there.

      As somebody who actually has to deal with the impacts of large botnets as part of my job at Google, I'd like to congratulate and thank the guys at Microsoft for this victory. Whether it has a noticeable impact on spam or not, it sends a powerful message to people thinking of making their own botnet - it can all end suddenly.

      Building and maintaining a botnet is already pretty hard work .... between AV firms, Microsofts MSRT, users noticing problems and wiping the OS, removals by rival botnets and generally improving PC security botnet building has gone from something every man and his dog was doing to something very few can do well. Hardly any botnets become big. Most abuse I deal with comes in via bots that are apparently being shared or rented out to different (sometimes competing) spammers. That's an encouraging sign.