Dutch government shuts down Bredolab botnet

The Dutch team said it seized 143 computer servers and disconnected them from the internet. The team worked with a Dutch hosting provider, the Dutch Forensic Institute, internet security firm Fox IT, GOVCERT.NL, and the National Policy Agency to carry out the seizures.

The Bredolab botnet uses email attachments and infected websites to install the virus and take control of the host computer. The virus has the ability to copy, change, or delete files and steal account information and passwords on the host computer.

The Dutch High Tech Crime Team discovered the botnet in the late summer. During its investigation, the team determined that the network was capable of infecting 3 million computers a month. At the end of 2009, it was estimated that 3.6 billion emails with Bredolab virus payloads were sent daily.

The botnet network used servers hired in the Netherlands from a reseller of LeaseWeb, which is the largest hosting provider in the Netherlands, and one of the largest hosts in Europe.

The Dutch High Tech Team said that computer users with the botnet virus would receive a notice at the time of next login with information on the degree of infection. They would also receive advice on removing the viruses from their system.

What’s hot on Infosecurity Magazine?