Security researchers were able to decommission a number of domain names used by cyber crooks to load the Virut malware onto computers, according to the international non-profit anti-spam organization The Spamhaus Project Ltd.
Spamhaus worked with the Polish Computer Emergency Response Team (CERT.pl), NASK, the home.pl domain registrar and Group-IB, a Russian information security firm, in the crackdown.
“NASK has taken over multiple domain names used for criminal activities, making their further usage for illegal purposes impossible,” CERT Poland said in a statement on its Web site. “The domain names were used to spread and control a dangerous malware known as ‘Virut’.”
Virut has been one of the most “disturbing threats” on the Internet since 2006, according to CERT.
Spamhaus said Virut is a worm that typically spreads through removable drives such as USB sticks and network shares but can also proliferate via file infection. It is estimated to have infected no fewer than 300,000 computers.
The domain names used by cyber criminals to distribute Virut are “mainly within the .pl ccTLD (Poland), but also within the .ru ccTLD (Russia) and the .at ccTLD (Austria),” said Spamhaus in a statement. “These domains are registered by the operators of Virut to control the botnet.”