Bredolab is a botnet that, like other botnets, was designed to capture usernames and passwords for online banking accounts. Reaching an estimated 30 million computers since its inception in 2009, Bredolab was a serious threat overseas. But thanks to the efforts of a joint task force of Dutch law enforcement and IT professionals, Bredolab was brought to its knees on October 25.
Fox-IT, a security firm based in the Netherlands, managed to use the botnet itself to send infected users to a warning page with linked instructions on how to remove the offending software. While the team was able to shut down the servers, cleaning the individual machines was up to the infected users.
Fox-IT got some help from GOVCERT.NL, the Computer Emergency Response Team for the Dutch government, which provided coordination and technical expertise.
Hosting provider WebLease (site is in Dutch) was the last piece of the puzzle. WebLease provided the team with the information necessary to locate the offending servers. WebLease had previously made news in the hacker community for shutting down the servers of popular file sharing site Demonoid.
With the example set by the Dutch team, we will hopefully see more combined efforts by governments, expert hackers and the ISPs of the world in the fight against cybercrime. Heel erg bedankt!
[via The Register]