Microsoft Brings Rustock Down

Written by Sue Walsh on March 21, 2011

Rustock is dead, thanks to Microsoft. As of 11:30am Wednesday, March 16th, it has ceased sending spam completely. The company, with the help of the U.S. Marshals, killed the giant botnet by raiding ISPs and Internet hosting facilities in Kansas City, Mo.; Scranton, Pa.; Denver; Dallas; Chicago; Seattle and Columbus, Ohio. The company seized computers and hard drives which it claimed were the botnet’s command and control servers. The court order giving them the right to do so was granted as a result of a lawsuit they filed against the still unknown criminals behind Rustock.

“This botnet is estimated to have approximately a million infected computers operating under its control and has been known to be capable of sending billions of spam mails every day,” Richard Boscovich, senior attorney in the Microsoft Digital Crimes Unit, wrote in a blog post today.

Microsoft claims the owners of Rustock have infringed on their trademark by sending advance fee fraud spam that claimed the recipients had won a lottery sponsored by the company, and also that the pharmaceutical spam pumped out by the botnet taxed Hotmail’s servers and exploited vulnerabilities in Microsoft products like Office and Outlook.

This is the company’s second victory against spammers. Last year they confiscated thousands of IP addresses being used by the Waledac botnet and managed to bring that spam operation to its knees as well.

Will Rustock rise again? That remains to be seen, but it’s likely that if it doesn’t, a new botnet will be happy to take its place. In the meantime, its death has knocked spam levels down significantly, so let’s enjoy it while we can!

Comments

Sam Smith March 21, 2011

It’s a safe bet that a new botnet will replace it – when there is money to be made, there’s no shortage of candidates. It will take some time to erect the replacement but soon we’ll see it. Still, it’s good news that Rustock is down!

KL the Gekk March 25, 2011

WOW another great news. This is another battle won. However, getting rid of spams and bots completely is a war. It will take many years and many raids in ISPs and Internet hosting facilities to destroy them completely.

Although most spams and bots have a centralized server, they are like a cottage industry. Most of them are created in several homes or bases across the globe. They are de-centralized. Getting rid of them one by one is a tedious task.

Kudos to Microsoft though. Job well done.

z0m613 July 19, 2011

hahaha.. for every bot dat dies der will rise two of dem wit twice d power… im just too eager for d next version to come out..

cheers to d binary revolution..!!!!
