Microsoft takes down Waledac spambot

Microsoft reveals on one of its blogs that it has taken down Waledac, a large spambot that reportedly had the capacity to send over 1.5 billion e-mails per day.

At Microsoft, we don’t accept the idea that botnets are a fact of life. We are a founding member of the Botnet Task Force, a public-private partnership to join industry and government in the fight against bots. Given the recent spread of botnets, we are getting even more creative and aggressive in the fight against botnets and all forms of cybercrime. That’s why I’m proud to announce that through legal action and technical cooperation with industry partners, we have executed a major botnet takedown of Waledac, a large and well-known “spambot.” The Wall Street Journal has a story on the case today (subscription required).

Several security experts on the other hand say it's not really a major victory, as the take-down of the network didn't result in a noticeable decline in spam levels.

"Waledac just is not a hugely prolific spammer," said Joe Stewart, director of malware analysis at SecureWorks and a noted botnet researcher. "So I don't think it's going to affect spam [volume]. What it does do lately..., what it's used for, is to install rogue antivirus software."

The U.K.-based anti-spam service Spamhaus echoed Stewart today. "If [Microsoft's take-down] did affect spam, we haven't noticed," said Richard Cox, the chief information officer at Spamhaus. Like Stewart, Cox also dismissed Waledac's threat as a spam engine.

One of the most successful actions against spam was the closure of webhost McColo, which resulted in a 70 percent collapse in spam in November 2008.