Last week's Coreflood botnet shutdown looks to have been successful, but the case raises some interesting questions about how the fight against computer crime will be handled in the future.
Coreflood was a large botnet that had infected over two million PCs around the world. The code to control it has been around for nearly a decade, and some estimates suggest that it was responsible for up to a third of spam at one point.
Coreflood was a good target for shutdown, but the way that the FBI and Department of Justice acted was unusual.
After identifying the botnet's command-and-control (C&C) servers, federal agents replaced them with their own systems. These waited for infected machines to register with the servers, and then sent out a message to the malware telling it to shut down.
Noa Bar-Yosef, senior security strategist at Imperva, told V3.co.uk that the researchers/federal agents had approached the task in an interesting way.
"The alternative C&C server is going to log all IPs interacting with it. With these lists in hand they're planning to work with ISPs so that the ISPs can inform their customers that they are infected," he said.
The tactics differ sharply from those used in the Rustock botnet shutdown last month. In that case, the C&C servers were simply replaced with blank drives, with the help of federal agents, and the malware servers were taken away for analysis. Such a technique is non-intrusive in comparison to the government's tactics against Coreflood.
The Electronic Frontier Foundation (EFF) and others have reportedly objected to the tactics, since they set a legal precedent.
If the principle of allowing an official agency to use malware to download code onto infected systems becomes accepted, IT managers and individuals face difficult times ahead.