Although the infected PCs are still operational, the previously-planted malware that tells them what to do cannot receive instructions because of the shutdown last week of McColo Corp.
"Half a million bots are either offline or not communicating" with their command-and-control servers, estimated , director of malware research at
The California firm was disconnected from the Internet by its upstream service providers at the urging of researchers who believed the company's servers hosted a staggering amount of cybercriminal activity, including the command-and-control servers of some of the planet's biggest botnets. Those collections of infected PCs were responsible for as much as 75% of the spam sent worldwide; when McColo went dark, spam volumes in a matter of hours.
The McColo takedown resulted in a record number of bots being severed from their hacker controllers by any single event, Stewart said. He compared it to last September, when 's anti-malware utility, the Malicious Software Removal Tool (MSRT), of the infamous Storm Trojan.
"That had a good impact, but it didn't stop the flow of spam globally," Stewart said of the MSRT takedown. "It didn't make a difference to other botnets that were still spamming away."