Microsoft Looks To Courts For Botnet Takedowns 93
angry tapir writes "Microsoft has seen a dramatic drop in the number of computers infected with Waledac, a piece of malicious software affiliated with a botnet that was once responsible for a massive amount of spam. In the second quarter of this year, the company cleaned only 29,816 computers infected with Waledac, down from 83,580 computers in the first quarter of the year. The drop in the number of infected machines shows the success of the legal action Microsoft took earlier in the year, according to the company."
Re:Foot in the door... (Score:0, Informative)
Courts have been already used to take down those. Wikileaks domain was suspended a few years ago and just a few months ago government suspended around 10 streaming movie sites. Both by US courts and I don't US should have all the jurisdiction over domains. It's already a problem.
Re:Seems Interesting... (Score:1, Informative)
Because it's not? Let me know how well Ubuntu runs after you gsudo-elevate my trojan executable, which places a new entry in init.d, or attaches itself to /bin/login.
Re:Right goal. Wrong tool. (Score:4, Informative)
If linux or macos had a dominant market share the same problem would occur, but it wouldn't be anywhere near as bad...
Linux/Mac users are already used to running as an unprivileged user, providing an extra obstacle for any malware (sure malware can still do bad things without root, but it's much more difficult to hide and make itself difficult to remove), windows is only just starting to move towards this decades old best practice.
On a unix box, files are not deemed executable based on their name alone, if you download a file by default it will not be executable and an extra step is required to make it so.
Unix boxes not only don't rely on file extension to determine if a file is executable, they also don't hide the file extensions by default... A common attack on windows systems is to create a file called picture.jpg.exe and assign it an icon which looks like the default windows icon for a jpeg file, windows will dutifully hide the .exe part so users only see picture.jpg, assume its a picture and try to open it. Clever malware will even embed a picture inside the binary and when you run it, will save the embedded picture to a temporary location and spawn a viewer to display it. Using file extensions to determine file type, and then hiding those extensions by default is an extremely stupid and very dangerous flaw.
Unix systems also don't execute anything by default which is stored in an inserted piece of media, simply inserting the media won't infect you, you would have to explicitly go and execute the malware - which would result in very low infection rates.
So sure, if linux or mac had 95% of the market people would be looking to attack them, but the lack of many of the inherent security flaws in windows would make these attacks far less effective.
That said, linux having a 95% marketshare would be almost as undesirable as windows having it, diversity is extremely important - if there are 3 common systems with 30% market share each the job of a malware author becomes much harder and less profitable.
I do however predict, that in a 30/30/30 windows/linux/mac marketshare split, malware authors would still primarily target windows because it represents a softer target.