Friendly takeover: FBI controls bot PCs
On Tuesday evening, the FBI shut down the Coreflood botnet but also took a step that will probably cause a lot of discussion among security experts. The US authorities are temporarily accessing victims' computers to remove the contaminant from the systems. If a computer infected with the bot tries to contact a command-and-control server, it lands on a server controlled by the FBI, which sends out a kill command. The malicious software is then disabled until the system reboots.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump