dcsimg

Feds Will Remotely Uninstall Coreflood Botnet

The FBI has identified infected computers. Those infected are the PCs targeted for the remote eradication once written consent is received.

 By Kara Reeder | Posted Apr 27, 2011
Page of   |  Back to Page 1
Print Article
Over the next few weeks, federal authorities will remotely uninstall the Coreflood botnet Trojan from infected Windows PCs after the owners have been identified by the Department of Justice and have submitted an authorization form to the FBI, reports Computerworld.

Earlier this month, U.S. authorities shut down a crime ring that used Coreflood to tether millions of PCs to a botnet that stole banking credentials and other sensitive data. Authorities seized five major computer servers, as well as 29 domain names the botnet used to communicate with those servers.

The FBI has identified infected computers. Those infected are the PCs targeted for the remote eradication once written consent is received. There are some risks with the uninstall, notes the consent form:

While the 'uninstall' command has been tested by the FBI and appears to work, it is nevertheless possible that the execution of the 'uninstall' command may produce unanticipated consequences, including damage to the infected computers.

However, FBI Special Agent Briana Neumiller assures victims:

The process does not affect any user files on an infected computer, nor does it ... access any data on the infected computer.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter

By submitting your information, you agree that enterprisenetworkingplanet.com may send you ENTERPRISENetworkingPLANET offers via email, phone and text message, as well as email offers about other products and services that ENTERPRISENetworkingPLANET believes may be of interest to you. ENTERPRISENetworkingPLANET will process your information in accordance with the Quinstreet Privacy Policy.