When we heard that Microsoft was appealing to a higher power to shut down the Waledac botnet, we assumed that meant lighting candles at St. Francis Parish -- instead, the company went to the courts. At its prime, Waledac was estimated to have infected upwards of 90,000 machines, which in turn sent out approximately 1.5 billion pieces of spam a day (about one percent of the world's total). In February, District Court Judge Leonie Brinkema issued a temporary restraining order taking the 276 domains that the perps used for the network's command and control structure offline, and earlier this month the act was finalized with the U.S. District Court of Eastern Virginia granting a motion that, according to USA Today, "[effectively] gives Microsoft permanent ownership" of the domains.
Although the defendants didn't come forward, Microsoft lawyers were able to prove that they were indeed aware of the case -- it seems that not only did they launch a DDoS attack against Microsoft's law firm, they also threatened a researcher involved in the case. Of course, since the worm can also operate in peer-to-peer mode there's no telling how many infected machines are still out there, but at the very least the botnet has been crippled -- and now companies like Microsoft have proven legal recourse if they are targeted by domains (at least ones registered in the US). "It's open season on botnets," said Microsoft senior attorney Richard Boscovich Sr. "The hunting licenses have been handed out, and we're coming back for more."