Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Very interesting article from the MSRC: Recently, following an investigation to which various members of the MMPC contributed, Microsoft’s Digital Crimes Unit initiated a takedown of the Waledac botnet in an action known as Operation b49, an ongoing operation to disrupt the botnet for the long term.
To effectively counter a botnet like Waledac, we knew a multi-layered approach was needed — one that included peer-to-peer communication disruption through technical countermeasures, ___domain-level takedowns to disrupt the phone home communications between zombie PCs and the command and control servers for Waledac, and traditional server takedowns to sever the back-end command and control mechanisms most directly under the control of the bot master(s).
-Urs