The Department of Justice and the FBI took aggressive action against the Coreflood botnet this week. They not only seized domain names and some hardware, they also received permission, through a temporary restraining order (TRO), to actively respond to infected machines. The TRO allows the government to intercept and respond to infected computers. This essentially cuts the botnet off at its knees.
I haven’t heard any comments on the impact this takedown had on spam levels, but not all botnets are used for spamming. Other uses include cracking, hosting scam and phishing websites, and denial-of-service attacks.
This is the second major botnet takedown in recent weeks. These investigations and takedowns consume a lot of resources, but it’s good to see law enforcement getting involved. Filtering only goes so far and receivers can’t keep increasing their infrastructure indefinitely.