The servers were actively involved with the Bredolab botnet, appearing to be command and control centers. They were hosted by LeaseWeb, one of the largest providers of hosting services in the Netherlands. The provider fully cooperated in the takedown operation.
It is unclear so far whether the botnet has been fully decapitated, but security firms such as TrendLabs are monitoring activity levels of the botnet for clues.
Bredolab originated in Russia and rose to prominence in August 2009. The primary initial trigger for infection was e-mail, but it was later delivered using a wide variety of methods, even being dropped as a payload by other known malware.
Dutch authorities estimate that it was capable of infecting 3 million computers per month at its peak.
Written by: James Delahunty @ 26 Oct 2010 12:07