Microsoft is to offer a real-time intelligence feed of botnet and e-crime data to public and private sector subscribers, according to security company Kaspersky. Currently, Microsoft is testing a real-time feed to distribute information collected from several sources on major botnets, including Rustock, Waldec and Kelihos networks.
Partners would be able to access the information using application program interfaces (APIs) that would be provided free by Microsoft. Data from networks of compromised computers will be among the information on offer to ISPs, CERTs, government agencies and private companies, Kaspersky said.
Microsoft will have a lot of data in this system already as anyone who has watched the company’s spectacular attacks on the Kelihos botnet last summer will attest, adding to similar campaigns against Rustock and Waledec, will vouch for. "Companies could use the data to look for opportunistic malware infections that often accompany botnet infections, or correlate data on botnet hosts with data on click fraud and other scams," Kaspersky noted. A number of organisations, including the UK government, have called for greater data-sharing to combat e-crime.