In the case of the recent Bredolab botnet, it was the Dutch police who stepped up. Following a concerted effort involving members of several security firms and the Dutch National Crime Squad, more than 140 Bredolab servers were seized. Here's where this story really gets good.
After they successfully gained control of the servers, the Dutch Police put the botnet to creative use -- pushing notifications to infected users and providing links to a removal tool. Sophos Labs' Graham Cluely mentions that as many as 30 million PCs may have been infected by Bredo, so what better way to notify users than via the botnet's own plumbing?
Source: DownloadSquad
vBulletin Message