U.S. Government to Remotely Uninstall Coreflood Trojan from Infected Machines

Paul Lilly

Over the course of the next four weeks, the U.S. Department of Justice will put into effect an initiative to remotely uninstall the Coreflood botnet Trojan from infected Windows PCs. The way it will go down is the DOJ will identify owners of infected rigs and then submit an authorization form to the FBI. It's the latest step in an effort to stomp out the botnet that's managed to seize control of some 2 million PCs.

According to ComputerWorld, the DOJ and FBI convinced a judge to grant them a restraining order to seize five command-and-control (C&C) servers that managed Coreflood. The unprecedented decision has led to Coreflood being reduced by 90 percent in the U.S., and 75 percent in other countries.

"Additional time is needed, however, both to allow more antivirus vendors to release virus signatures for Coreflood and to complete the process of notifying Coreflood victims," the DOJ said in a memorandum filed Saturday.

That request was also granted, and in the meantime, the government will uninstall Coreflood from the PCs of identified victims who provide written consent.
