Waledac is a spambot that is delivered to a computer through malware, such as Conficker E. Waledac formed a botnet composed of tens of thousands of infected machines (or "zombies", as they are called). Waledac has been used to send potentially billions of spam messages in order to spread itself and deliver all kinds of malicious software.
The botnet is estimated to be capable of sending 1.5 billion spam e-mails a day. In a recent analysis, Microsoft found that between December 3 and 21, 2009, approximately 651 million spam e-mails attributable to Waledac were directed to Hotmail accounts alone, including offers and scams related to online pharmacies, imitation goods, jobs, penny stocks and more.
On February 22nd, 2009, after months of investigation into the Waledac botnet, Microsoft convinced a federal judge to order the temporary suspension of 277 .com domains that Microsoft found to be helping to spread the Waledac malware. The effectiveness of the move is not yet known, and security experts are divided on whether or not it is a positive move. Some concerns about vigilantism on the part of companies like Microsoft were raised after the court's decision was announced.
The action was aimed at disconnecting the "bot herders" (the people who control the botnet) from the botnet itself, stopping them from giving it new instructions. The action doesn't help to dismantle the network, however, as tens of thousands of computers remain infected and vulnerable. The media attention surrounding the case might still have an effect in this area.
The Microsoft Windows Malicious Software Removal Tool is capable of detecting and removing Waledac and its associated malware.