Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Court order cripples Coreflood botnet, says FBI

Gregg Keizer | April 26, 2011
But Microsoft rereleases Coreflood scrubber.

Microsoft today said it was releasing another edition of its Malicious Software Removal Tool (MSRT) to bolster the cleaning process.

"This edition includes variants of Afcore released by the criminals behind it at approximately the same time as the previous edition of MSRT." said Jeff Williams, a principal group program manager with the Microsoft Malware Protection Center.

Typically, Microsoft ships a new version of its Malicious Software Removal Tool (MSRT) only once each month as part of its Patch Tuesday package. The free MSRT, which targets a limited number of malware families, scrubs PCs of attack code. Microsoft feeds the tool to users through the same Windows Update mechanism that serves up security patches.

Microsoft said earlier this month that it added Coreflood detection to the April 13 version "at the request of the FBI and the Department of Justice." Today the company declined to confirm whether it re-released the tool at the request of the DOJ and FBI.

Neumiller's affidavit included a chart that showed a resurgence in Coreflood beacons on April 18. That spike may have prompted the DOJ and FBI to ask Microsoft to reissue MSRT.

Microsoft's newest version of the MSRT can be manually downloaded from the company's Web site. Windows PCs should receive the revised tool shortly via the Windows Update service.

Text about this image
The FBI said that command requests from Coreflood-infected Windows PCs has dropped to about one-tenth of the pre-takedown volume in the U.S., one-quarter overseas.


Previous Page  1  2 

Sign up for Computerworld eNewsletters.