@AzuMao Complete access, disinfection is of course possible.
Good thinking, by the way. In fact, I've already discussed the exact same approach, 2 years ago:
http://ddanchev.blogspot.com/2008/06/using-market-forces-to-disrupt-botnets.html
"For instance, 1000 bots go for $25 bucks, there are however propositions offering 10,000 bots for $50 bucks, theoretically, as there's always the suspicion that they won't deliver the goods and you'll end up with a situation where scammers scam the scammers, for $1000 you can buy a 100k infected PCs, and for another $100,000 a million infected PCs.
So what? Well, establishing a task force to periodically purchase already infected PCs and disinfecting them, of course, in a opt-in fashion on behalf of the end users in order to please the paper tigers, stating that if their government can magically help them fight malware, they're interested, is one of the many ways market forces could be used to directly mess up with the oversupply of botnets for sale."
The problem? It's a similar one to a situation where a botnet is disrupted, but the hundreds of thousands of infected users, remain just as gullible and exploitable as they were before it was shut down.
And since there's no major shift in their awareness, it's only a matter of time until they get infected again, with the task force/government in question ironically turning into a major customer.
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
