FBI Remotely Uninstalled Coreflood Malware from 19,000 Computers
The FBI has remotely uninstalled Coreflood botnet clients from 19,000 computers in a first-of-its-kind law enforcement operation.
Coreflood is one of the oldest botnets, dating back to 2002. During its life it infected a total of 2.3 million computers, and from March 2009 to February 2010 alone it stole 190 GB of sensitive data, including online banking passwords.
Earlier this year, the FBI obtained a court order allowing it to seize five Coreflood command and control servers, as well as 29 domain names used by attackers to communicate with the botnet. The judge also authorized the bureau to set up a sinkhole server in order to send "stop" commands to all Coreflood-infected machines. In addition, the agency began working with ISPs to identify and notify the owners of the compromised computers.