Waledac botnet

Waledac, also known by its aliases Waled and Waledpak, was a botnet mostly involved in e-mail spam and malware. In March 2010 the botnet was taken down by Microsoft.

Operations
Before its eventual takedown, the Waledac botnet consisted of an estimated 70,000–90,000 computers infected with the "Waledac" computer worm. The botnet itself was capable of sending about 1.5 billion spam messages a day, or about 1% of the total global spam volume.

On February 25, 2010, Microsoft won a court order which resulted in the temporary cut-off of 277 domain names which were being used as command and control servers for the botnet, effectively crippling a large part of the botnet. However, besides operating through command and control servers the Waledac worm was also capable of operating through peer-to-peer communication between the various botnet nodes, which means that the extent of the damage was difficult to measure. Codenamed 'Operation b49', an investigation was conducted for some months which thereby yielded an end to the 'zombie' computers. More than a million 'zombie' computers were brought out of the garrison of the hackers but still infected.

In early September 2010, Microsoft was granted ownership of the 277 domains used by Waledac to broadcast spam email.

The botnet was particularly active in North America and Europe and India, Japan and China.