Microsoft’s Waledac Strategy Might Be a One-Shot Deal (PC Magazine)
Microsoft recently secured a court order for VeriSign, as the registry for the .com top-level domain, to deactivate 277 .com domains used to run the Waledac botnet. This was an unprecedented and fascinating tactic, and you have to ask: why don't we do it for all botnets? It turns out there's a good reason why Waledac was first and why they chose it for takedown.
At the time I was puzzled by the court order, which listed 277 domains, all of them in the .com name space. Surely, I assumed, there were non-.com domains in the botnet. Even if there were some .net domains, Microsoft should have included them in the order, since VeriSign is the registry for .net as well.
It turns out I was wrong in my assumptions: Microsoft has confirmed for me that Waledac used .com domains exclusively, and that this had something to do with why they chose it for this maneuver. By choosing only .com domains, Waledac's administrators created a single point of failure that Microsoft exploited.
Imagine a different botnet that uses domains in .com, .net, .org, .info, .biz, not to mention .cn, .de and a dozen other country code TLDs. Taking down that botnet takes a lot more work and coordination. Just for the US bots you'll need orders for several more registries, and registry admins overseas aren't necessarily going to respect a court order from the US.
There has been talk of an international authority to do just this, run out of ICANN perhaps. But it's just talk.
The bottom line is, don't expect this tactic to be used much for other botnets.
Originally posted to the PCMag.com security blog, Security Watch.