Rustock spam botnet felled by Microsoft and the feds

Rustock was one of the biggest botnets in the world, producing more e-mail spam than any other network. But early yesterday, it ceased sending spam. Investigators at Microsoft uncovered Rustock’s owners, and law enforcement swooped in to shut it down.

The shutdown is one of the rare victories against cybercriminals who use botnets, or herds of compromised computers, to wreak havoc on the internet. It shows that technology can be used to hunt down cybercriminals as well as to perpetrate cybercrime.

And while it’s a big victory, it has not yet had a big effect on the overall amount of spam around the world, according to Symantec.

“This botnet is estimated to have approximately a million infected computers operating under its control and has been known to be capable of sending billions of spam mails every day,” Richard Boscovich, senior attorney in the Microsoft Digital Crimes Unit, said in a blog post today.

The Wall Street Journal first reported that Boscovich’s unit worked with U.S. marshals on the case. They raided seven hosting facilities across the U.S. and seized the servers that ran the network. Those servers were used to send instructions to the infected computers around the world, directing them to send out spam messages for items such as fake lottery ticket winners. The investigators called the case Operation b107.

Although Symantec said that spam seems to have flowed in another direction, the company said that Rustock was responsible for 39 percent of the world’s spam. Last November, spam dropped 12 percent after Dutch authorities seized a network dubbed Bredolab.

Microsoft’s digital crimes unit works closely with law enforcement to eliminate cybercrime.

