Microsoft, Symantec behead botnet, give infected machines clean-up information
Microsoft, Symantec and U.S. marshals take down C&C servers.
Technicians and U.S. federal marshals served warrants at data centers in Weehawken, New Jersey, and Manassas, Virginia, on Wednesday, taking aim at servers that send commands to zombies that were zapped into the Bamital botnet. They seized control of one server at the New Jersey location, and persuaded the Virginia data center to contact its parent company in Holland to take down another, according to Reuters.
Richard Boscovich, assistant general counsel with Microsoft's Digital Crimes Unit, told the Reuters news agency that they had a high degree of confidence that the operation had brought down the whole crime operation.
The problem did not end there for infected machines, however, as the Bamital botnet was used to redirect web searches as part of an advertising scam. That meant that infected machines – estimated between 300,000 and 1,000,000 – could no longer use web services.
To alert those users to their PC's infection, different servers will now redirect them to information explaining their situation and how to fix it.
“You have reached this website because your computer is very likely to be infected by malware that redirects the results of your search queries. You will receive this notification until you remove the malware from your computer,” a message on the redirected page reads.
This is the sixth time that Microsoft has used the legal system to take down botnets since 2010.