U.S. officials have disabled a botnet that steals data from infected computers as part of the "most complete and comprehensive enforcement action ever taken by U.S. authorities to disable an international botnet," according to a statement from the Department of Justice.
It's the first time law enforcement in the U.S. has requested permission from a court to take control of a botnet, according to a request for a temporary restraining order that was granted. Similar action was taken by Dutch officials who downloaded "good" software to computers infected with Bredolab botnet malware, the filing said.
In this case the malware, called "Coreflood," records keystrokes and private communications, enabling it to steal usernames, passwords, and other private personal and financial information. Once a computer is infected with Coreflood, the malware communicates with a command-and-control server, allowing the server to remotely control the compromised computer. The botnet is believed to have infected more than 2 million Windows-based computers worldwide over nearly 10 years.
For more on this story, read "U.S. shutters botnet, can disable malware remotely" on CNET News.