Posted by Richard Boscovich
Senior Attorney, Microsoft Digital Crimes Unit

Today, the FBI and U.S. Department of Justice announced a legal and technical operation to take down the Coreflood botnet, using a civil suit for a temporary restraining order against the operators of the botnet and criminal seizure warrants in order to disable the botnet’s infrastructure.

We commend the FBI and DOJ for the action against Coreflood . There is clearly strong public and private momentum in the fight against botnets and the Microsoft Digital Crimes Unit was happy to provide technical information from the lessons we learned from the recent Rustock and Waledac botnet takedowns to assist these agencies in their operation. 

In addition, in coordination with the FBI, the Microsoft Malware Protection Center has added Win32/Afcore (Coreflood) malware detection in our Malicious Software Removal Tool to help minimize the malware’s future impact. Please see the MMPC blog for more technical information about the Win32/Afcore malware.

Stemming from previous botnet takedown operations, Microsoft has also created a dedicated website to provide free information and tools to help people get rid of botnet malware in order to regain control of their computers.

We also encourage all computer users to exercise safe practices to protect their computers from becoming infected with malware, such as running genuine and up-to-date software. For Windows users, this means also ensuring Windows Update is turned on to automatically update your Windows software, firewall protection and anti-virus and anti-malware protection.