Microsoft kills botnet that hosted MacDefender scareware

ID: IRCNE2011091264
Date: 2011-09-28

According to ZDNet, Microsoft’s Digital Crimes Unit has shut down a botnet that was investigated for hosting the MacDefender scareware that preyed on Mac OS X users.
The botnet, known as Kelihos or “Waledac 2.0,” has been linked to spam messages, ID-theft attacks and pump-and-dump stock scams, according to Microsoft senior attorney Richard Domingues Boscovich. The botnet contained about 41,000 computers worldwide and was capable of sending 3.8 billion spam e-mails per day.
For the first time since Microsoft’s anti-cybercrime team started disabling botnets, the company moved to the U.S. court system and identified a defendant that allegedly owned the domain that controlled the botnet.
“Our investigation showed that while some of the defendant’s subdomains may be legitimate, many were being used for questionable purposes with links to a variety of disreputable online activities,” Boscovich said.
In addition to hosting the Kelihos botnet, Microsoft said its investigations revealed that the defendants’ domain was previously linked to sub-domains responsible for delivering MacDefender, a type of scareware that infects Apple’s operating system.
In May 2011, Google temporarily blocked subdomains hosted by the domain from its search results after it discovered it was hosting malware, although Google reinstated the subdomains after the defendant allegedly corrected the problem.
Microsoft said it is in discussions with Piatti to determine which of his sub-domains were being used for legitimate business, so that those customers could be reconnected.
