Identified as a "bot" network, because the malware can be controlled remotely like a robot, it compromises machines with a software program called Coreflood, which downloads itself by exploiting a vulnerability in systems running Windows operating systems.
The legal actions are the key components of the "most complete and inclusive enforcement action ever taken by the U.S. authorities to put out of action an international botnet", according to a statement from the Department of Justice, reported CNET News on April 13, 2011.
With the granting of a request for a temporary restraining order, this is the first time U.S. law enforcement has obtained a court's consent to take control of a botnet.
This malware (Coreflood) stores keystrokes and personal communications, enabling it to compromise login details, such as passwords, and other personal and financial data. Once a system is compromised with Coreflood, the malware contacts a command-and-control server, which allows the compromised machine to be controlled remotely.
The government replaced the illicit command-and-control servers with substitute servers to prevent Coreflood from being used for any further harmful activity.
U.S. Attorney David B. Fein for the District of Connecticut stated that the seizure of the Coreflood servers and Internet domain names can stop hackers from using Coreflood, or systems infected by Coreflood, for their evil purposes. He stated that he wished for his industry partners to work in conjunction with law enforcement in order to attain this great result, as reported by CRN on April 13, 2011.
However, it is impossible to know the exact number of victims claimed by Coreflood, as machines are continuously being infected, disinfected and sometimes reinfected. While investigators estimated 413,710 infected machines from March 2009 to January 2010, the total number of machines that were, or had been, part of Coreflood is more than 2.3 million, with almost 1.8 million of them appearing to be located in the USA.