29 Apr 2011

FBI, Microsoft try to end Coreflood botnet

Although the FBI has taken control of the Coreflood botnet, the agency is now working with Microsoft to remove the malware from thousands of infected machines permanently and ensure Coreflood does not return.

Since the FBI seized control of Coreflood, the number of requests from zombie computers has declined more than 90 percent. According to court papers filed by the FBI, the number of requests has dropped from 800,000 to 100,000.

Over the past decade, Coreflood has possibly infected up to 2 million PCs, experts claim. Even though the botnet has been thwarted, new variants of Coreflood are already appearing, so the FBI must move swiftly to destroy it.

“Removing Coreflood in this manner could be used to delete Coreflood from infected computers and to ‘undo’ certain changes made by Coreflood to the Windows operating system when Coreflood was first installed,” wrote FBI Special Agent Briana Neumiller in the court filing.

During the first quarter of 2011, cybercriminal activity increased 26 percent from the first quarter of 2010. According to a report by an internet security company, the number of new attacks surfacing on a daily basis reached 73,000 during the first quarter.