Microsoft releases out-of-schedule update for anti-malware tool
Microsoft will support the FBI in its efforts to combat the Coreflood/Afcore botnet by releasing an out-of-schedule update for its Windows Malicious Software Removal Tool (MSRT). The company usually only updates the tool on the second Tuesday of every month, and it seems that the criminals behind Coreflood were aware of this as they circulated new variants of the worm at approximately the same time as Microsoft released its April MSRT update. Microsoft says that the update also provides additional enhancements to the MSRT engine for other malware families.
Coreflood is considered one of the longest-running botnets ever. Experts estimate that the botnet has already been active for 10 years and could have infected more than 2 million computers during that time. Large parts of Coreflood are now controlled by the FBI. If an infected computer contacts a US government-controlled command&control server, the bot will receive instructions to terminate. However, the termination is only valid until the next reboot. Users who want to permanently remove the malware from their systems must use an anti-malware tool such as MSRT.
- Friendly takeover: FBI controls bot PCs, a report from The H.