Microsoft details Rustock botnet takedown

1 Hour Ago

Microsoft details Rustock botnet takedown

A million bots at a loose end, still infected.

Microsoft has revealed how it decapitated one of the world?s largest botnets, Rustock, capable of sending out billions of pharmaceutical spam a day.

The sudden end to Rustock spam late last week was the ?denouement? of a multi-month joint effort codenamed "Operation b107" between Microsoft, drug company Pfizer and authorities in the US and the Netherlands.

The takedown was both technical and legal, with Microsoft employing the same strategy it used against the Waledac botnet operators by filing a "John Doe" law suit against the anonymous operators of Rustock.

Arguing its case for a court order to be issued, Microsoft told a Washington Seattle District Court that the unknown botnet operator had caused harm to Microsoft and other members of the public in Washington.

At its height in 2010, Rustock was responsible for 47.5 per cent of the world's spam, according to Symantec.

After obtaining the court order, US Marshalls officers last week seized Rustock?s command and control servers from five hosting centres in seven locations across the US.

Full Story:

formatting link

Cheers Don...

====================================

--
Don McKenzie

Dontronics Blog:     http://www.GodzillaSeaMonkey.com
 Click to see the full signature
Reply to
Don McKenzie
Loading thread data ...

formatting link

It made a big difference! Never thought I'd say - Well done Microsoft!

Reply to
David Eather

tnets, Rustock, capable of sending out billions

a multi-month joint effort codenamed "Operation

d the Netherlands.

ame strategy it used against the Waledac botnet

of Rustock.

ton Seattle District Court that the unknown

lic in Washington.

orld's spam, according to Symantec.

ustock=92s command and control servers from five

-botnet...

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

And within a short time, it will be back up and running again as though nothing happened

Reply to
kreed

Rustock, capable of sending out billions

multi-month joint effort codenamed "Operation

the Netherlands.

strategy it used against the Waledac botnet

Rustock.

Seattle District Court that the unknown

in Washington.

world's spam, according to Symantec.

Rustock?s command and control servers from five

Story:

formatting link

month:

formatting link

Possibly but it all comes down to the degree of prosecution and incarceration

--
X-No-Archive: Yes
Reply to
atec77

Wikipedia just reported its demise.

formatting link

Rustock botnet From Wikipedia, the free encyclopedia

The Rustock botnet was a botnet that operated from around 2006 until March 2011.

Cheers Don...

=========================

--
Don McKenzie

Dontronics Blog:     http://www.GodzillaSeaMonkey.com
 Click to see the full signature
Reply to
Don McKenzie

Never bothered us being filtered at my news server

--
X-No-Archive: Yes
Reply to
atec77

formatting link

Good news indeed. Just goes to show what can be done if enough money, lawyers and influence is thrown at the problem. Hope this isn't the end of it and progress is being made at tracking down the anonymous operators. I suggest that a speedy trial and public hanging from the nearest lamp post would be a fair thing.

I've just read a message in my spam trap from a nice Christian Dutch lady who is terminally ill in hospital. In accordance with her late husbands wishes she wants to transfer her entire fortune to me so that I can distribute it to worthy charitable causes. Well it makes a change from emails from the brother-in-law of the late Oil Minister of Nigeria. PH

Reply to
Peter Howard

For a minute there, I thought Microshit might have fixed the actual Problem, their own servers spam detection (useless at the best of times)

But no, it's easier to shut down the network creating the spam than fix their own software.

Reply to
son of a bitch

Funny, but I haven't seen pharma spam for years. The servers were well listed on spam blockers that I use.

Reply to
terryc

Likely to be none.

Sylvia.

Reply to
Sylvia Else

Rod Speed is reported to be very upset.

No where now to buy his Viagra!

Reply to
Polly the Parrott

ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.