Microsoft to Deactivate Botnet Army

Published February 25, 2010

| The Wall Street Journal

Microsoft has won a court order aimed at taking down a global network of PCs that the company accuses of spreading spam and harmful computer code.

A federal judge in Alexandria, Va., granted a request by Microsoft to deactivate 277 Internet addresses, or domain names, that the Redmond Wash., company links to a "botnet," an army of tens of thousands of PCs around the globe infected with malicious code that allows them to be harnessed for nefarious purposes.

Microsoft on Monday filed a suit that targets a botnet identified as Waledac. It accuses 27 unnamed "John Doe" defendants of violating federal laws against computer crime.

The suit, and a temporary restraining order subsequently issued by U.S. District Judge Leonie Brinkema, were both filed under seal. The move was designed to allow Microsoft to secretly sever communications channels to the botnet before its operators could reestablish links to the network.

Judge Brinkema's order required VeriSign Inc., the company that oversees the registration of all domain names ending in ".com," to temporarily turn off the suspect Internet addresses. Microsoft began notifying the domain name owners of its actions early Thursday after the protective order covering the court actions was lifted.

Registration records associated with the domain names all list contact information in China. The owners could not immediately be reached.

For more, see the Wall Street Journal.