Microsoft believes it has completely disassembled the Waledac botnet. With this week's recommendation by a magistrate judge to turn over the domains to Microsoft, the legal strategy will have the benefit of becoming precedent.
"We were able to take the entire botnet offline at the beginning of the case and that is extraordinary," Boscovich said. "If you give people notice before decapitating the botnet, they will just move the bots. We were able to dismantle, decapitate the botnet at the beginning, and then continue with the legal process."
The software giant expects the district court judge who presides over the case to take the lower court's recommendation. Other botnets that base their C&C system on domain names are similarly vulnerable to the legal tactic, Boscovich said.
Microsoft does not plan to sit on its laurels. Under the auspices of its Project MARS, which stands for Microsoft Active Response for Security, the company will formulate legal strategies for taking down botnets with other C&C structures, Boscovich said.
"This is the first step and a proof of concept, and it worked," Boscovich said. "In the future, you will see us approaching other botnets with different command-and-control structures in similar ways."
This article, "Microsoft botnet 'decapitation' scores legal win against cyber crime," was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog.