

Researchers take down Koobface servers  - labboy
http://www.networkworld.com/news/2010/111310-researchers-take-down-koobface.html

======
mattmanser
The only thing I don't get about events like this where a botnet is stopped is
that if the security researchers have caught it and also can get control of
the servers through law enforcement, why don't they turn them on itself and
tell the infected machine to download a program which clears the infection?

Is it too complicated, or perhaps perversely against the law?

The other one is like the recent worm that was peer-to-peering the commands.
Why can't they just take it over?

~~~
pronoiac
I've read of attempts to virally spread vaccines; stuff broke. There would be
liability issues & getting to support everyone whose computers you clean.

------
VladRussian
"They also messed up their victims' search results to trick them into clicking
on online ads, generating referral money from advertising companies. More cash
came from fake antivirus software that Koobface can sneak onto victims' PCs. "

surrealism.

