Microsoft using legal action to combat malware-created botnets

For the last several years, Microsoft has relied upon software-based security solutions to try to keep their users safe from malware attacks. Now, however, it seems that they have discovered a new way to combat cyber-attacks and, thanks to some success, they plan on using the method more often.

Earlier this year the company petitioned for, and was granted, an ex parte temporary restraining order used to shut down domain names that were being used to communicate with computers infected by Waledac, a botnet that sends spam and installs fake antivirus software on victims’ machines. The move was unprecedented, but effective.

In the first quarter of this year, before the legal action, Microsoft reported that their security software cleaned 83,580 cases of the Waledac infection. During the second quarter, the number of infections cleaned dropped to only 29,816, a success the company attributes to the restraining orders.

Ex parte restraining orders are reportedly not an easy thing to get a court to issue due to concerns over violating the defendant’s due process rights. However, the orders were granted in these cases because the judge deemed it likely that those targeted would have the ability to quickly reorganize and resume their criminal activity.

According to PCWorld, “The international domain name registrants were served through the Hague Convention on Service Abroad, and all of the documents were sent to China's Ministry of Justice in addition to being published on a specific Web site.”

Once the orders were issued, the malicious domains were shut down within a 48-hour time frame. A permanent injunction is now pending after a hearing last month in which a judgment was made to transfer control of the domains to Microsoft.

Judging by their reported success, it wouldn’t be surprising to see Microsoft begin to turn to the courts for assistance with other malware, like Zbots. The company reports cleaning 238,441 cases of Zbot infection from computers during the first half of this year, over 100,000 more infections than Waledac. The courts may just prove to be a valuable supplement to security software in the future.
