Slashdot Mirror


Microsoft, Law Enforcement Disrupt Dorkbot Botnet (technet.com)

An anonymous reader writes: Microsoft said in a blog post Thursday that it aided law enforcement agencies in several regions to disrupt a 4-year-old botnet called Dorkbot. The botnet aims to steal login credentials from services such as Gmail, Facebook, PayPal, Steam, eBay, Twitter and Netflix and has infected one million computers worldwide. The company didn't provide details on how Dorkbot's infrastructure was disrupted.

8 of 31 comments

  1. Plenty Of Detail by Anonymous Coward · · Score: 3, Funny

    The company didn't provide details on how Dorkbot's infrastructure was disrupted.

    WTF, they "activated a Coordinated Malware Eradication (CME) campaign, performed deep research, and provided telemetry to partners and law enforcement". There's enough meaningless jargon in there to satisfy even the most buzzword-calloused manager.

    1. Re:Plenty Of Detail by TWX · · Score: 2

      I doubt it. The fact that Microsoft OSes get so infected as they do makes me think they simply broke something like the DNS process that the botnet is dependent on. For all we know, they haven't actually disabled the botnet, just taken control over it.

      --
      Do not look into laser with remaining eye.
  2. The opportunity presented itself... by Drewdad · · Score: 3, Funny

    ...while Dorkbot's operator was trying to decipher Microsoft's new core-based licensing structure.

    1. Re:The opportunity presented itself... by zlives · · Score: 2

      More likely Windows 10 telemetry helped in locating, dissecting and disinfecting the botnet without compromising privacy in any way.

  3. Re:Netflix by Sowelu · · Score: 2

    Realistically though--they can steal some personal information, like name and probably your billing addresses, and they possess a username that is likely to be in use somewhere else. With a username, real names and a billing address, you have enough information to start socially engineering your way into other things.

  4. Re:Netflix by TheGrimmReaper · · Score: 2

    Many people re-use the same password, so in theory, getting someone's Netflix password could get you into other sites.

  5. Microsoft shuts down Microsoft botnet .. by nickweller · · Score: 2

    What desktop operating system did this Dorkbot botnet run on?

  6. Re:Netflix by ShaunC · · Score: 3, Interesting

    Can someone explain it to me how it hurts the Netflix user's account when it's stolen?

    Depends on your definition of "hurt." By my own definition, it would "hurt" me if Netflix saw my account logging in from some other country and shut it down. Now I have to contact Netflix and see why my account isn't working, maybe spend a while on the phone swearing up and down that I haven't given my password to some guy in Russia and I promise I'll make a 45-character passphrase. All of this takes time and effort. It's not nearly as severe as having credentials to a bank account stolen, but it's still "harm" as far as I'm concerned.

    --
    Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!