It was great to read this morning about Microsoft successfully concluding its civil case against the Rustock botnet operators, and referring the matter, along with all the evidence it has discovered, to the FBI for criminal review. Readers may recall the first report on the breakthrough back in March with Taking Down Botnets: Microsoft and the Rustock Botnet.
The good news today was on two fronts.
On the civil side, Judge James L. Robart, of the U.S. District Court for the Western District of Washington ruled that the domain names and Internet protocol addresses used to host the Rustock botnet would be effectively removed from the defendants’ control. This drives a final nail in the coffin of a botnet known to be one of the single largest sources of spam on the Internet, helping to ensure that it will never be used for cybercrime again.
On the criminal side, by giving the FBI all of the evidence collected during the investigation, Microsoft is helping to enable the appropriate authorities are armed to seek those responsible for operating the Rustock botnet and hold them accountable for their actions.
In CNET’s Sept. 22 article Microsoft hands Rustock botnet case over to FBI, writer Jay Greene notes that Microsoft gathered some of its information by issuing a $250,000 bounty in July for new information resulting in the identification, arrest, and criminal conviction of the Rustock leaders.
Greene quotes Richard Boscovich, Senior Attorney in the Microsoft Digital Crimes Unit, as crediting the reward with generating 20 to 50 tips a day of varying quality when it was first issued. Some, he noted, came from sources apparently engaged in similar botnet activities from Eastern Europe. Boscovich was quoted, “We’ve gotten some good leads from some interesting sources.”
Microsoft ‘s $250,000 reward offer for information that leads to the arrest and conviction of Rustock’s operators remains in effect. Tips should be sent directly to the FBI at MS_Referrals@ic.fbi.gov.