back to article Waledac botnet 'decimated' by MS takedown

Communications within the notorious Waledac botnet have been "effectively decimated," thanks to a novel takedown approach that combined court actions with a variety of technical measures, a Microsoft program manager said Tuesday. "Operation b49," as Microsoft dubbed the takedown, has severed as many as 90,000 infected PCs from …

COMMENTS

This topic is closed for new posts.
  1. Martin Lyne
    Coat

    Decimated?

    The word decimated means "to kill one in ten". Deca. Considered lenient by the Romans.

    If you really wanted to stretch the language you could assume it meant meant 9 out of ten (leaving one tenth) but that would be a bastardisation.

    Annihilated? Destroyed? Obliterated? Vapourised? Removed? Disabled? All words that could be made to work.

    1. I. Aproveofitspendingonspecificprojects 1

      Not quite

      To get decimated first you had to suffer massive losses leading to a massive FAIL.

      Then you got tenthed. That is 1 in 10 survivors was executed. Likely the least fit for active service. (And least influential.)

      1. Anonymous Coward
        Anonymous Coward

        Nope.

        Parent Poster is right. Decimation is the removal of 1 in 10, or a tenth. It has been distorted to mean massive losses.

        Microsoft have either used the one word or are celebrating scratching the surface!!

    2. The Commenter formally known as Matt
      Headmaster

      Language changes, get used to it

      from dictionary.com:

      dec·i·mate /ˈdɛsəˌmeɪt/ Show Spelled[des-uh-meyt] Show IPA

      –verb (used with object),-mat·ed, -mat·ing.

      1.to destroy a great number or proportion of: The population was decimated by a plague.

      2.to select by lot and kill every tenth person of.

      3.Obsolete. to take a tenth of or from.

      1 in 10 is one use of the word decimate, not the only use. Usage of some words has changed since the Roman empire invented them. Get used to it Titus Pullo

    3. NogginTheNog
      FAIL

      Recycling

      Didn't we have this rather pointless debate a year or three ago on here??? Pedants: please use the search function and amuse yourselves there.

  2. Andy Miller

    Decimated ?

    So 90% of it is still working then.

    1. Anonymous Coward
      Headmaster

      Yep

      If the botnet consists of several hundred thousand machines and 60-90,000 have been removed then it's not far off the correct use of the word decimation.

  3. Disco-Legend-Zeke
    Pint

    If Only Microsoft Could...

    ...use the bot to force the user to run Microsoft Update.

    At least the authorities are actually participating. Time to reread Necromancer.

    So at the end of the first period, MS 1, Botmeisters 476

    Zeke 211.

  4. Apocalypse Later

    Doesn't mean what you think

    "Decimated" doesn't mean all but wiped out. It means just ten percent taken out.

    The word comes from a nasty practice by the Roman legions. When a legion displayed cowardice in battle, one man in ten was put to death as a punishment (and a lesson to the others). So when a legion was decimated, it didn't mean they had been wiped out in battle, but that they had been punished, and only lost ten percent of their force thereby. Why we now commonly use the word to mean near total defeat is anyone's guess.

    1. Probe

      Because...

      In all probability if a Legion was decimated after a battle the opposition had won, therefore a decimated legion was one which had lost, probably quite severely.

      1. Probe

        I mean...

        They probably wouldn't have been decimated if they had won.

  5. Anonymous Coward
    Anonymous Coward

    Decimated

    So they've taken out 1 in 10 bots leaving errmm 810,000 infected machines out there?

  6. Sureo
    Unhappy

    Insert ironic title here

    So all those freed PCs are available now to run other malware?

  7. Probe

    Language changes...

    Sofa was originally the verb "Sleep", now its a piece of furniture.

    1. Anonymous Coward
      Pint

      Re: Language Changes

      In My house, it describes the purpose to which the piece of furniture is put.

    2. Big-nosed Pengie

      title

      Yes, it does. But the meaning of "decimated" hasn't changed.

      1. Anonymous Coward
        Happy

        English usage changes...

        How many people will you go up to and say "My, your looking very gay today"

        Lets not even mention going round the back to have a quick fag. See where that gets you in the States.

  8. Anonymous Coward
    Anonymous Coward

    Every time...

    ...the word decimated is used the grammar pedants arrive in force and then the moderatrix has to pipe up and remind them that English usage changes (especially after 2000 years) and the meaning of words evolve.

  9. Bardlee
    Gates Horns

    Oh noes!

    Where will I get my cheap pills now?!?!?!

    wait. pillz.

  10. Anonymous Coward
    Gates Horns

    MS is responsible for the spread to Hotmail

    I mean come on, when email from my father is flagged as malicious while spam written in all Chinese text are allowed to pass unmolested by their servers, it's their fault. I can't even flag him as a safe sender, and to automatically delete email in foreign text.

  11. gumbygirl

    Literalists = tedious

    From Merriam-Webster:

    Decimate-

    1 : to select by lot and kill every tenth man of

    2 : to exact a tax of 10 percent from <poor as a decimated Cavalier — John Dryden>

    3 a : to reduce drastically especially in number <cholera decimated the population> b : to cause great destruction or harm to <firebombs decimated the city> <an industry decimated by recession>

    Based on context clues, I'm thinking they might have been using the 3rd definition. But maybe they actually just levied a 10% tax on Waledac. As I'm required to read everything literally, it's very hard to tell.

    1. phen

      That's what you get for using an American dictionary

      My New Oxford Shorter marks this as "loosely" and further explains:

      "Loose usage prob. stems from a misunderstanding of sense I as 'execute nine out of ten of'."

      I'm not some staunch grammarian. I fully endorse mixing up "there/their" and "its/it's" as I don't believe this creates much ambiguity, but when we muddy the meaning of words we lose precision and conciseness.

  12. Anonymous Coward
    Big Brother

    DPI

    With all this talk of deep-packet inspection and such to stop/throttle P2P downloads can't they filter out the bot communications too?

    Even if they can't filter them but only identify them they could at least send the user's something to tell them to get a virus scanner.

    Frankly this is about the only time "three strikes" would be useful - if you're still sending bot related crap after a certain time/number of warnings your connection is cut until you fix it. It's not like there aren't removal tools.

    1. Anonymous Coward
      FAIL

      but..

      How would you download the removal tools if you'd been cut off? Imagine the scenario of a 1 PC normal (non-techie) home that can't connect until they have installed the latest MS patch or AV update - see any problems?

  13. lglethal Silver badge
    Go

    Why arent MS & security researchers...

    contacting the ISP of the infected machines? Ok we all know that its illegal for Security researchers to use the C&C nodes to download a removal tool on to the lusers machine to remove the infection. But if they have the IP addresses for some infected machines, then let the ISP know. The ISP can then directly contact the luser and make them do something about it.

    Trade off for the ISP - one phone call (and possibly a call out to the lusers place to remove the malware - at a price of course) vs the increased bandwidth used sending out spam and malware attacks. Plus the good PR in actively going out and "helping the customer", has got to mean that the majority of ISP's (at least here in Europe) would do something about it.

    Come on MS if your claiming 90,000 no longer active Waldec Zombies then go the next step and pass on the IP addresses to the ISP's and lets get these people out of the botnet before someone manages to reactivate the damn thing!

  14. Neal 5

    everyone, and i mean everyone

    missing the whole fucking point.

    the bot still exists on the user/s machines. the command module has been hampered that is all. the problem hasn't been resolved, nor will it ever be this fucking way.

    no caps, no grammar, not needed for fuckwit commentards like the ones above.

    perhaps if microsoft actually released a patch to unhook waledac from ring 3 then maybe, again the soft fucking option, pretend all is well, and you all agree, or don't give a flying fuck, arguing about the meaning of decimated, who gives a fuck about that to be honest..

    well within the means of microsoft to validate all kernel hooks, but that means other software developeres might actually have to prove their worth instead of just throwing out unsafe code.

    On a final note, fuck all the grammar Nazis and those who actually pretend to know the usuage of English language, that's a direct jibe at Americans, who only know as they live, bastardisation.

    1. Gordon 10
      WTF?

      Errr Fail

      How exactly are MS meant to distribute the patch oh wise one? Post? Maybe you should think before ranting.

  15. Anonymous Coward
    Anonymous Coward

    decimated...

    originally had the meaning Kill 10%, but is accepted to mean othe rthan this.

    idiots.

  16. Anonymous Coward
    Thumb Up

    The fact is ....

    The amount of Viagra spam dropped to nearly nothing overnight here after steadily building over the last month or so since the last big ISP disconnect, decimated it was :)

    Yoda

  17. lukewarmdog
    Megaphone

    decimated

    Whilst it's silly to argue on the Internet, claiming that this word has "evolved" or is "generally accepted to mean something else now" is fallacy. Evolution isn't continuing to use a word badly and using a word badly in front of a few people doesn't make it acceptable.

    Given how many other more correct words are available why use this one?

    As for how you "fix" a riddled PC once it has been cut off from the Internet - you take it to a PC shop where they upgrade it for you. Let's get these PCs off the Internet first and worry about fixing them second.

    1. Vigilant Mouse

      Further decimated

      Interesting that a collection of people who all accept (I would think) that absolute precision is required when communicating with electronic devices in order to get the desired result, cannot get their heads round the fact that equal accuracy in spoken/written language (just another communication mechanism) is just as important when conveying precise meaning. In fact it is even more important, given the level of fuzzy logic employed by most human beings.

  18. Anonymous Coward
    Anonymous Coward

    Missing the point

    On one hand I'm pleased that MS is doing something to take down botnets like this.

    On the other hand I could look on this as MS admitting they can't secure their operating systems. I mean, if they could harden Windows to prevent the machines becoming infected in the first place this action would have been unnecessary as there would have been no botnet to dismantle.

    I hardly use any Windows machines in my business now. I didn't give up Windows because I was on some open-source evangelisation-fest. I gave it up because I was sick of wasting my time cleaning up infections on fully-patched Windows machines with up-to-date antivirus. I just wanted to get on with running my business.

    I think Apple did a brave thing when they launched OS-X and decreed that it would be totally new and things would need to be written again for it. I wish MS had been made of sterner stuff and not backed away from putting their house in order for the sake of backwards compatibility when they released Vista and 7.

    MS, please sort your OS out, then I might be persuaded to have another look and let you back into my business.

  19. The Mighty Biff

    Best thread evah

    Well. today anyway. Lord knows what would happen if some of you lot bumped into Mrs Bardell (Sexton Blake's housekeeper, not the Dicken's one). You'd explode like a tyrannical Star Trek computer confronted by a logical impossibility.

    Now it's off to the shops to buy myself some decimated coconut.

  20. Anonymous Coward
    Grenade

    So...

    ...who else killed a bunch of zombies this morning? No? Didn't think so.

    Nice one Microsoft. Keep it up guys.

    While we're talking about who's fault it all is, some of the infection vectors are due to the OS.

    Mostly, they're due to the bag of water between the keyboard and the chair.

    Yours truly (and safely),

    a Mac User

  21. Steve Evans

    Well...

    If recent drop in emails I have got recently through my mail servers advertising various magical pills and from my "bank" (The later usually containing hysterical spelling mistakes) is anything to go by I believe they must have done something right.

    On the flip side, I've noticed an increase in emails of the "from My ISP" variety saying I need to update email setting and to run the attached zipped exe to do it automatically.

    So I guess that means the zombie herders are trying to recruit new members to replace their fallen comrades.

This topic is closed for new posts.