Botnet’s are a curse on the web as they are used to spam us with emails and to help spread malware. In the last couple of years Microsoft has taken some interesting steps to try and get the bigger botnets taken out of action. Using the court and laws that already exist on the books they have been waging a quiet war against the people running these botnets. A good example of that is when they took down the Rushstock botnet back in March 2011.
The most recent move by the company took advantage of anti-racketeering laws in order to go after another botnet that was being used to expand the original botnet and to spread the Zeus malware package.
The effort was called Operation b71 and for the first time involved other companies, Financial Services – Information Sharing and Analysis Center (FS-ISAC) and NACHA, in order to obtain warrants for the server seizures through a federal lawsuit based in part on the Racketeer Influenced and Corrupt Organizations (RICO) Act.
The actual seizures, done by Microsoft employees backed up by US Marshals, happened at two web hosting centers in Scranton, Pennsylvania and Lombard, Illinois and also involved seizing hundreds of domain names.
This was also the first time that Microsoft moved against more than one target simultaneously.