The latest network routers, software, management tools and information for enterprise IT administrators.

Feds Will Remotely Uninstall Coreflood Botnet

The FBI has identified infected computers. Those infected are the PCs targeted for the remote eradication once written consent is received.

By Kara Reeder

Page of | Back to Page 1

Over the next few weeks, federal authorities will remotely uninstall the Coreflood botnet Trojan from infected Windows PCs after the owners have been identified by the Department of Justice and have submitted an authorization form to the FBI, reports Computerworld.

Earlier this month, U.S. authorities shut down a crime ring that used Coreflood to tether millions of PCs to a botnet that stole banking credentials and other sensitive data. Authorities seized five major computer servers, as well as 29 domain names the botnet used to communicate with those servers.

The FBI has identified infected computers. Those infected are the PCs targeted for the remote eradication once written consent is received. There are some risks with the uninstall, notes the consent form:

While the 'uninstall' command has been tested by the FBI and appears to work, it is nevertheless possible that the execution of the 'uninstall' command may produce unanticipated consequences, including damage to the infected computers.

However, FBI Special Agent Briana Neumiller assures victims:

The process does not affect any user files on an infected computer, nor does it ... access any data on the infected computer.

This article was originally published on Apr 27, 2011

Get the Latest Scoop with Networking Update Newsletter

Thanks for your registration, follow us on our social networks to keep up-to-date