Windows 7 Forums


Windows 7: FBI vs. Coreflood botnet: round one goes to the Feds

28 Apr 2011   #1
A Guy

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x64 SP1

The FBI’s unprecedented effort to behead the Coreflood botnet—comprised of millions of hacked Windows machines—appears to be working, at least for now. The bureau has tracked a dramatic decline in the number of pings from the botnet since the takedown operation began earlier this month, according to court documents filed by the Justice Department on Monday.

The number of pings from infected US systems plummeted from nearly 800,000 to less than 100,000 in about a week after authorities began sending out “stop” commands to those machines—a drop of nearly 90 percent. Pings from infected computers outside the US have also dropped about 75 percent, likely as a result of a parallel outreach effort to foreign ISPs.

The government’s efforts have “temporarily stopped Coreflood from running on infected computers in the United States,” writes the government in its filing, “and have stopped Coreflood from updating itself, thereby enabling anti-virus software vendors to release new virus signatures that can recognize the latest versions of Coreflood.”


A new filing from the Justice Department to the federal court includes a request to allow the FBI to keep doing what they have been doing for another month, and also intimates that the government might soon be asking the court to allow them to instruct the computers to deinstall the Coreflood malware - a potentially historical first request of this kind in the U.S.

They maintain that they have tested the process on purposely infected computers and that there were no adverse effects to the machines. And even though they say that they will not be doing anything else on the affected computers - for example examining their contents - there will surely be some users averse to the idea. If this request is granted, the government will likely allow them to opt out of the "procedure".

The fact that this action allowed the FBI to gather the IP addresses of the affected computers and track them down to the actual (U.S.) owners has revealed that some infected computers belong to defense contractors, state and local government agencies, airports, hospitals, educational organizations, financial institutions and a great number of businesses in general.

The FBI has used these lists of IP addresses to get help from the U.S. ISPs with contacting the affected users and explaining the situation to them. When it comes to infected computers in the rest of the world, the bureau notified the appropriate foreign law enforcement agencies so that they could notify their countries' ISPs and users.

A Guy


29 Apr 2011   #2
Layback Bear

Windows 7 Pro. 64/SP-1

My bank keeps telling me they are safe, why don't I bank on line. I'm going to print this baby and hand deliver it.
