Final Score: MS–1, “Rustock” Botnet - 0

Microsoft has brought down Rustock, a notorious botnet responsible for sending billions of spam emails, the company said in a blog post.

Microsoft said the botnet had infected millions of computers and was sending out fake Microsoft lottery scams, and offers to sell fake prescription drugs.

Here is some detail from Microsoft’s blog:
“Today, I’m happy to announce that based on the knowledge gained in that effort, we have successfully taken down a larger, more notorious and complex botnet known as Rustock. This botnet is estimated to have approximately a million infected computers operating under its control and has been known to be capable of sending billions of spam mails every day, including fake Microsoft lottery scams and offers for fake – and potentially dangerous – prescription drugs.”

After receiving permission from the US District Court for the Western District of Washington, Microsoft has mounted a coordinated action with the US Marshals Service and executed a number of online and offline actions that resulted in Rustock's takedown.

"Specifically, servers were seized from five hosting providers operating in seven cities in the U.S., including Kansas City, Scranton, Denver, Dallas, Chicago, Seattle, Columbus and, with help from the upstream providers, we successfully severed the IP addresses that controlled the botnet, cutting off communication and disabling it."

"Microsoft also worked with the Dutch High Tech Crime Unit within the Netherlands Police Agency to help dismantle part of the command structure for the botnet operating outside of the United States. Additionally, Microsoft worked with CN-CERT in blocking the registration of domains in China that Rustock could have used for future command and control servers."

Now is the time to work on cleaning up the huge number of infected computers. Maybe putting the fix in an MS Tuesday update might help? Not really. It’s going to take a lot of work to do that.

Oddly enough, what led to Rustock’s downfall was the use of MS’s logo which is tm’d. That abuse gave the Court the ability to OK the takedown.

I.P. really does count for something!

Reply #1 Top

Score one for the good guys. Nice!

Reply #2 Top

Yay.

 

:fox:

Reply #3 Top

More like MS+police 1 - Spammers 6 000 000 000 000 000 (that's a lot of zeroes!)

Reply #4 Top

Well I gripe about them when I think they deserve it so I guess this time I should say

Way to friggin' go Microsoft!  :thumbsup:

Reply #5 Top

Now that their servers have been taken down, the infected computers have no CnC to control them... as for other botnets? They can see the handwriting on the wall: "You're history."

Me likes a whole lot.

BTW... check this out: http://www.huffingtonpost.com/2011/03/17/microsoft-most-ethical-company_n_837003.html

Reply #6 Top

It just scraped the tip of the iceberg, but it's a start.

Reply #7 Top

Google is facing antitrust scrutiny from the US government? Who'da thunk it. Starkers is gonna go ga ga over this. :rofl: :rofl:

Reply #8 Top

Yes! :)

Reply #9 Top

Google is facing antitrust scrutiny from the US government? Who'da thunk it. Starkers is gonna go ga ga over this.
End of quote

Ga ga? Try 'goo goo ga ga, goo goo, go US Gov't'. I'd love to see Google brought down a notch or 3 x 3 x 3 x 3 x 3 x 3 x 3 ................... x 3 x 3

:w00t:

As for the bot take-down, the process would be a whole lot more satisfying if they actually had hands on the bastards behind it... like arrests and instant gonad removal.

Reply #10 Top

Thanks for the post.  Really happy to hear that one less nasty thing will be out and about on the internet. 

Side note... does MS give a rip if their name isn't used?  Wonder what keeps the same thing from happening if another IP is used...

Reply #11 Top

The sad thing I see about this is that there are thousands of folks whose computers are infected and they don't even have a clue! It amazes me the number of people that do not protect their systems from such as this! :')

Reply #12 Top

Quoting DrJBHL, reply 5
BTW... check this out: http://www.huffingtonpost.com/2011/03/17/microsoft-most-ethical-company_n_837003.html
End of DrJBHL's quote

Eh - they are entitled to their opinion.  Their taking down the botnet is a good thing, but Microsoft is not the most or even very ethical.  I still remember DR DOS, WordPerfect, Corel Draw, Easy Calc 123, etc.  And those are just cases they lost.

Reply #13 Top

^ Ya the article makes a quick reference to their past antitrust suits and then kind of says "after that".  On the one hand it's good that they're doing what they're doing now.  On the other hand, I suspect it's a lot easier to be ethical and take the high road after you've savagely obliterated your competition.

Reply #14 Top

Quoting DaveRI, reply 13
^ Ya the article makes a quick reference to their past antitrust suits and then kind of says "after that".  On the one hand it's good that they're doing what they're doing now.  On the other hand, I suspect it's a lot easier to be ethical and take the high road after you've savagely obliterated your competition.
End of DaveRI's quote

:grin: Very True!