However within hours of Kaspersky Labs making public their findings on Red October, the command and control server infrastructure began to be dismantled:
"The attackers started dismantling the infrastructure last night [14 January] at 11pm GMT, by taking down some of the C2s [command servers] and superproxies," Costin Raiu, senior security researcher at Kaspersky Labs said.
"At the same time, ISPs have shut down some of the C2s while registrars have killed the domain names. Currently, there are still some active servers, however, the infrastructure is severely disrupted and mostly not working anymore.""
Link to Original Source