Last week, Microsoft obtained permission from a judge to shut down 276 Web domains created by cyber criminals to spread spam. After the domains were shuttered, Microsoft shared its list of infected computer addresses with Cox Communications. The MSO then contacted some 500 customers who had reported problems and helped them to cleanse their computers.
According to a USA Today story, the domains were used to send instructions to hundreds of thousands of computers that had been hijacked to spread spam. The particular virus in this case is known as the “Waledac botnet.” Commented Jason Zabek, safety manager at Cox, "Thank goodness Cox was not hosting any of these sites."
Zabek explained that hackers constantly are adapting to conditions. In the past, they would take over an individual’s computer and use it to send 10,000 spam e-mails; now, they’re hijacking more than 10,000 computers and sending far fewer e-mails from each. That way, computer owners aren’t alerted to a problem.
"You don’t want to leave a virus on a computer," he said. "In a couple of months, maybe (another hacker) uses (the virus) if it’s still sitting on the computer. Once we get the virus off, there’s nothing there (to which hackers can connect)."
Cox helped its customers clean their computers because “it’s the right thing to do," Zabek said, but he also acknowledged "it helps our bandwidth and helps cut down on customer service calls as well."
Cox does offer security to its Internet customers through a partnership with McAfee, but Zabek said the affected customers either weren’t running the security software or were running an old version that didn’t stop the Waledac botnet.