Media Coverage

Shadowserver in the news

Microsoft Recruited Top Notch Guns for Waledac Takedown

PC World, February 25, 2010

Four days ago, top-notch computer security researchers launched an assault on Waledac, a highly sophisticated botnet responsible for spreading spam and malicious software. As of Thursday, more than 60,000 PCs worldwide that have been infected with malicious code are now under the control of researchers, marking the effort one of the most highly successful coordinated against organized cybercrime.

Shadowserver to take over as Mega-D botnet herder

Network World, November 17, 2009

An effort is underway to clean up tens of thousands of computers infected with malicious software known for churning out thousands of spam messages per hour. The infected computers are part of a botnet called Ozdok or Mega-D, which at one time was sending out around 4 percent of the world’s spam messages. Last week, security vendor FireEye launched a drive to dismantle the botnet. But FireEye has now handed control of those bots over to Shadowserver, a volunteer-run organization that tracks botnets.

Botnet Hunters

CIO, November 17, 2009

By day, Andre DiMino is a professional digital forensic analyst. By night, he serves as director of an organization known as Shadowserver Foundation, a group of volunteers dedicated to sleuthing out cybercriminals and shutting them down. Here’s his story.

A Robot Network Seeks to Enlist Your Computer

New York Times, October 12, 2008

REDMOND, Wash. — In a windowless room on Microsoft’s campus here, T. J. Campana, a cybercrime investigator, connects an unprotected computer running an early version of Windows XP to the Internet. In about 30 seconds the computer is “owned.”

Before the Gunfire, Cyberattacks

New York Times, August 12, 2008

Weeks before bombs started falling on Georgia, a security researcher in suburban Massachusetts was watching an attack against the country in cyberspace. Researchers at Shadowserver, a volunteer group that tracks malicious network activity, reported that the Web site of the Georgian president, Mikheil Saakashvili, had been rendered inoperable for 24 hours by multiple D.D.O.S. attacks. They said the command and control server that directed the attack was based in the United States and had come online several weeks before it began the assault.

The Shadowserver Foundation

Risky Business, May 20, 2008

You may or may not have heard of the Shadowserver foundation. It’s a volunteer run organisation designed to track malware, botnet activity and electronic fraud.

An Inside Look at the Russian Business Network

Dark Reading, January 11, 2008

A new white paper published by the nonprofit botnet-tracker Shadowserver Foundation sheds some light on one segment of activity on the Russian Business Network (RBN).

Bringing Botnets Out of the Shadows

Washington Post, March 21, 2006

Nicholas Albright’s first foray into some of the darkest alleys of the Internet came in November 2004, shortly after his father committed suicide. About a month following his father’s death, Albright discovered that online criminals had broken into his dad’s personal computer and programmed it to serve as part of a worldwide, distributed network for storing pirated software and movies.