The control servers of the Bamital botnet were taken offline on Wednesday as a result of a joint effort between the Microsoft Digital Crimes Unit & Symantec, Richard Boscovich, Assistant General Counsel of Microsoft Digital Crimes Unit, reported on the Official Microsoft Blog.
The Bamital botnet was used to hijack search results in order to redirect users to malicious sites that would steal personal information, conduct drive-by-downloads, or commit click fraud.
One thing that sets this particular botnet takedown apart from the rest is that Microsoft & Symantec are proactively notifying Bamital victims that their computers are infected and offer help on how to remove the malware.
This is great news since Boscovich wrote that more than eight million computers are said to have been attacked by Bamital malware in the last 2 years.
Official Microsoft Webpage Shown to Users with Bamital-Infected Computers
So if you see the following page when attempting to do an online search, don’t ignore it! The page is legitimate, and your PC will need to be cleansed of Bamital malware:
Didn’t expect this page?
You were likely trying to conduct a web search before you got to this page, however your computer is believed to be infected with malware known as bamital, which interferes with web search. Please read and follow the instructions on this page to resolve the issue.
Why am I here?
You have reached this website because your computer is very likely to be infected by malware that redirects the results of your search queries. You will receive this notification until you remove the malware from your computer.
The official page goes on to offer two free malware removal tools by Microsoft & Symantec, both of which are capable of detecting and removing Bamital malware:
The dismantling of the Bamital botnet (aka Operation b58) marks the 6th botnet takedown operation completed by Microsoft under Project MARS (Microsoft Active Response for Security), and the second done in cooperation with Symantec.
Keep up the good work, guys!