FBI Kills Coreflood Botnet Using Replacement Servers

Brad Chacos

If you're the kind of person who authorizes ActiveX scripts willy-nilly or opens attachments emailed to you by strangers, the world is a much safer place now than it was two months ago. Don't get us wrong – if you're that kind of person, your computer is still going to end up overrun with malware, but at least it won't be made into a Coreflood zombie. The FBI's "Operation ADEONA" took the botnet on head first, and while botnet operators can be a hardheaded bunch, the FBI's head is apparently even harder.

Before ADEONA took effect in mid-April, an estimated 2.3 million computers were part of Coreflood's botnet, Computerworld reports. The operation kicked off when a judge gave the FBI permission to seize the botnet's command and control servers and replace them with one of its own. That way, not only was the source of the infection stopped, but when zombie computers checked in for orders, the FBI's server told them to sit tight rather than launch any nefarious Internet attacks.

Security companies worked hand-in-hand with the feds to shut down Coreflood; while the replacement server was in place and the botnet was docile, antivirus companies sent out detection files for Coreflood. Federal agents tracked the results of the tag-team effort by monitoring the number of incoming command requests from zombified Coreflood computers.

Barely two months after the start of ADEONA, the FBI shut down its replacement server and called the operation a massive success. The dummy server received over 800,000 command requests on its first day in operation; now, the requests have almost dried up completely and are a fraction of the original number.

"On Tuesday, the government closed the civil lawsuit when a federal judge permanently barred 10 'John Does' from operating Coreflood," Computerworld says, bringing an end to the quick -- but effective -- operation.

While ADEONA didn't quite eradicate Coreflood, the botnet was beaten to the brink of death. Between Operation ADEONA and Microsoft's recent beat-down of the spam-causing Rustock botnet, the appeal of illegally running hordes of zombified PCs must be dwindling in Internet crime circles.

Image credit: eWeek
