In an analysis of Virut botnet samples, Symantec researchers observed the malware downloading Waledac variants, suggesting that the gangs responsible for each botnet may be cooperating with one another through some sort of affiliate program, or, at the very least, that the two threats coexist and function on single infected machines.
Virut’s command and control server domains recently suffered a temporary outage because of judicial proceedings in its host country, Poland. The outage gave Symantec’s researchers an opportunity to gather information about the network. They determined that the botnet consists of more than 308,000 uniquely compromised machines and that its primary function is to pump out spam and other malicious emails.
Waledac, on the other hand, is pretty well known. It’s one of those security industry problems, like Conficker and AutoRun, that just never seems to go away. Microsoft famously crippled the thing in a 2010 takedown attempt, but it has resurfaced since then.