Microsoft and the FBI had great success with taking down a global botnet ring called “Dorkbot”. The authorities along with Microsoft has been tracking Dorkbot for more than four years and the network of bots has been used to launch DDoS (Distributed Denial of Service) attacks and to steal sensitive data from computers. To date, it had infected over a million Windows PC’s.
The FBI and Microsoft also worked a great deal with the European Cybercrime Center and the Interpol Digital Crime Center (IDCC) which they gave great thanks to as well.
“This successful operation shows the value and need for close collaboration between law enforcement and the private sector to detect, prevent and mitigate all manner of cyberthreats,” said Sanjay Virmani, Director of the IDCC.
“We encourage private sector companies with expertise in the cyber realm to work with INTERPOL to combat these very real security risks,” he concluded.
The W32.Dorkbot malware spread via USB drives, web sites, social sites like Facebook, and instant messaging platforms. When a user browsed to an infected URL, it would download the malware and infect the system. It would then setup a backdoor for the botnet to operate but also prevented you from reaching antivirus and security sites, to keep it from being removed from your PC. The malware would also collect all of your stored passwords and send them to the group responsible for the infection.
Without taking down the Dorkbot network, more than 100,000 new systems would have been infected monthly.