In association with heise online

29 April 2011, 13:38

US authorities to delete Coreflood bot from computers

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

FBI Logo In the battle against the Coreflood botnet, US authorities are going a step further by deleting the contaminant from infected computers, according to a report by Computerworld. Up to now, the FBI has merely sent a kill command to the bots that disabled them until the computer reboots but does not remove it permanently. In this way, the FBI has managed to reduce the Coreflood botnet by 90 per cent within the US and by 75 per cent worldwide.

Now, a court has given the FBI permission to delete the contaminant from infected computers until 25 May provided that the victims give their written consent. In some cases, investigators have been able to trace static IP addresses back to users, who can therefore be contacted. Internet users with dynamic IP addresses will not be contacted.

In giving the FBI this permission, the court warns that, while the FBI has tested the uninstall command, it could nevertheless have unforeseen consequences, including damage to infected computers. The FBI told Computerworld that user data on infected systems would not be accessed in the process.

Users who believe that their system is infected and would like to remove Coreflood without the FBI becoming involved, can install the latest version of the "Windows Malicious Software Removal Tool" or a reputable virus scanner with an updated signature database.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit