Microsoft takes down massive botnet via legal action

March 18, 2011, 10:47 AM
Microsoft and federal law enforcement agents have seized computer equipment from Internet hosting facilities across the US to cripple the largest source of junk e-mail on the Internet: the Rustock botnet. The software giant launched the raids as part of a civil lawsuit filed in federal court in Seattle last month against the unnamed operators of the botnet, which was composed of more than 1 million machines worldwide.

US marshals accompanied employees of Microsoft's digital crimes unit into Internet hosting facilities in Kansas City, Scranton, Denver, Dallas, Chicago, Seattle, and Columbus. The Microsoft officials had a federal court order granting them permission to seize command-and-control computers within the facilities alleged to be owned by the operators of the Rustock botnet, which accounted for nearly half of all spam at the end of last year.

Redmond says it confiscated dozens of hard drives and a handful of computers from the hosting providers as part of the raid. Microsoft officials said they had to seize actual computer equipment connected to the botnet because the masterminds behind Rustock designed their infected computers to receive instructions from IP addresses tied to specific command-and-control machines.

"Spam is annoying and it can advertise potentially dangerous or illegal products," a Microsoft spokesperson said in a statement. "It is also significant as a symptom of greater threats to Internet health. Although Rustock's primary use appears to have been to send spam, it's important to note that a large botnet can be used for almost any cybercrime a bot-herder can dream up. Botnets are powerful and, with a simple command, can be switched from a spambot to a password thief or DDOS attacker."

Botnets are created when malware infects hundreds or thousands of computers in a way that allows criminals to control them and distribute enormous volumes of spam. Infected computers are typically owned by people who have no idea their machines are being used by outsiders to send spam. Because Windows is on the majority of computers, the most effective malware specifically exploits vulnerabilities in Microsoft's operating system for PCs.

As a result, Microsoft has become more and more involved in legal actions against any form of mass malware that harms its products and reputation. Spam taxes the servers of its Windows Live Hotmail service, and impacts the Internet experience of Windows users.





User Comments: 13

Guest said:

Isn't it nice that a civil matter can now allow the company suing someone raid the office of the defendant and seize personal equipment. Not saying that their seizing the machines is not great, but it should not be as a result of CIVIL lawsuit. Raids and seizures should be a matter of criminal law. Seems like more and more companies are doing it -- Sony with the PS3 hacker, Microsoft with the botnet.

Next thing you know RIAA will raid and seize my house because I have a redbox DVD that I forgot to return...

yRaz said:

Guest said:

Isn't it nice that a civil matter can now allow the company suing someone raid the office of the defendant and seize personal equipment. Not saying that their seizing the machines is not great, but it should not be as a result of CIVIL lawsuit. Raids and seizures should be a matter of criminal law. Seems like more and more companies are doing it -- Sony with the PS3 hacker, Microsoft with the botnet.

Next thing you know RIAA will raid and seize my house because I have a redbox DVD that I forgot to return...

SHHHH! They might subpoena the IP addresses of anyone who viewed this page.

NeoFryBoy said:

Guest said:

Isn't it nice that a civil matter can now allow the company suing someone raid the office of the defendant and seize personal equipment. Not saying that their seizing the machines is not great, but it should not be as a result of CIVIL lawsuit. Raids and seizures should be a matter of criminal law. Seems like more and more companies are doing it -- Sony with the PS3 hacker, Microsoft with the botnet.

Next thing you know RIAA will raid and seize my house because I have a redbox DVD that I forgot to return...

Well, no one "raided" the PS3 hacker. The court ordered that he hand over evidence. A list of IPs that accessed his site is proof of how widespread his hack is, and how many people are willing to pirate games.

As for this case, spam is cyber-crime.

Lastly, you pay for the redbox DVD every day.

Benny26, TechSpot Paladin, said:

Some good news eh.

Can't stand spam email... Some ***wipe's sending spam from my Hotmail to all my mates and I can't get to the bottom of it.

Guest said:

Try changing your hotmail password.

Guest said:

If they hadn't come up with such a long string of sub-par operating systems, thereby inventing both the opportunity to process huge volumes of spam, and the niche markets for anti-spam and security software ... well, we wouldn't have this problem in the first place.

The BEST things in life are FREE.

Benny26, TechSpot Paladin, said:

Try changing your hotmail password.

C'mon man....

Guest said:

Benny26... it's a trojan virus that's infected/compromised your computer; that's how it's able to retrieve all your contacts from your address book and constantly spam them!

Essentially it's part of a botnet now, sending out spam emails (with the virus?) to all your contacts.

Mizzou said:

Shortly after this announcement there was a brief but noticeable drop in the amount of spam I was receiving. But the first two days this week it's jumped right back up and is even a bit higher than before, to include getting duplicates of the same spam. Will be interesting to see what kind of followup Microsoft and the Feds are able to muster.

One other difference is that previously virtually all spam was being directed to the spam folder whereas now quite a few messages are going directly to my Inbox.

Guest said:

Until the people are arrested, the Micro-cops have taken down nothing. They will just hack new machines and be back in business within a week.

Mizzou said:

Until the people are arrested, the Micro-cops have taken down nothing. They will just hack new machines and be back in business within a week.

That's pretty much my take on it as well.

T77 said:

Guest said:

Until the people are arrested, the Micro-cops have taken down nothing. They will just hack new machines and be back in business within a week.

Well, at least they have tried to improve upon the situation, which is very essential.

Something is better than nothing.

Mizzou said:

Saw this on Fudzilla, looks like Microsoft is still after this, hope they get the green light.

Software Giant Microsoft is asking a judge if it can hack into the spammer Rustock's command and control servers. Microsoft said it will make the request after the operators of the spam giant failed to show up at court last week.

Microsoft wants to crack spammer's servers
