Recently in a joint effort, Microsoft and Symantec took down a dangerous botnet called "Bamital" which hijacked search results and took victims to potentially malicious sites that would install malware. Now, Microsoft has revealed a successful takedown of the botnet with cleanup currently taking place.
"Two weeks after Microsoft and Symantec’s collaborative takedown of the Bamital botnet, I’m pleased to report that the Bamital botnet remains offline. Additionally, since Microsoft was able to receive all of the computer traffic that had been connecting to the Bamital botnet, we are also seeing very positive cleanup results firsthand," Microsoft revealed in an official blog post.
The demise of the Bamital Botnet will be the sixth botnet takedown in the past three years by Microsoft, as part of the company's MARS (Microsoft Active Response for Security) program. This takedown was also known as Operation b58. Microsoft and Symantec files a lawsuit against the botnet's operators this past January and once the court granted the request, Microsoft (along with the US Marshals) seized data and evidence from web hosting facilities in Virginia and New Jersey. Microsoft is also helping victims regain control of their computers.
Microsoft has already seen a 32% reduction in infected computers in just 12 days since takedown thanks to positive response from victims. "We expect that the number of victim notifications and cleaned computers will improve as we fine-tune our process over the course of the next several weeks," Microsoft added.