DOJ Gets Court Permission To Attack Botnet

itwbennett writes "In an unprecedented move, the Department of Justice (DOJ) and the FBI have been issued a temporary restraining order that will allow the FBI and the US Marshal for the District of Connecticut to set up servers at the Internet Systems Consortium or other ISPs that would stop infected computers from continuing to spread the Coreflood virus, according to court records. This week, the DOJ and FBI seized five servers that controlled Coreflood-infected computers, the DOJ said in a press release. The agencies also seized 29 domain names used by the Coreflood botnet to communicate with the servers."

Possibly a non-jackbooted response

[russotto]

I haven't found the order itself, but the request is here

If that's what they were granted, it looks remarkably restrained. It actually specifies the servers in question (it's not just a blanket "We get to grab anything we claim is a C&C server, now or in the future").

The part the article seems to be going on about is "A permanent injunction that requires the Defendants to uninstall Coreflood on any computers not owned by the Defendants and authorizes the operation of a substitute command and control server to give effect to the Court's orders;" This is pretty radical, in that it lets the FBI operate the botnet at least in so far as to shut it down. But it doesn't give them any authority over computers which aren't already infected.