Software Giant Microsoft has announced a reward of $250 000 for any information regarding owners of Rustock botnet, the spam giant. Though, Rustock were taken down by Microsoft and its partners in March and has remained inactive since then, the Redmond-based company is still hot on its pursuit.
A Microsoft blog posted by Richard Boscovich, Senior Attorney, Microsoft Digital Crimes Unit said, “After publishing notices in two Russian newspapers last month to notify the Rustock operators of the civil lawsuit, we decided to augment our civil discovery efforts to identify those responsible for controlling the notorious Rustock botnet by issuing a monetary reward in the amount of $250,000 for new information that results in the identification, arrest and criminal conviction of such individual(s).
The notice reads: “The total maximum amount eligible for reward is $250,000.00 (USD value). Residents of any country are eligible for the reward pursuant to the laws of that country, because the Rustock botnet affected the Internet community worldwide. Anyone with information on the Rustock botnet or its operators should contact Microsoft at avreward@microsoft.com.”
Explaining the company’s stand Boscovich said “We have a lot of information already, which we can use to weed out false leads, but it’s useful to have contacts with personal knowledge that they can bring forward.”
Rustock botnet was estimated to have accounted for half of the world’s spam at its height. Upto 1.6 million PCs were infected with the Rustock malware. It took combined efforts of Microsoft, security companies and law enforcement agencies to shut Rustock down by seizing command and control services.
V3.co.uk. blog posted that based on the analysis of the hard drives seized and other documents confiscated from Rustock, researchers narrowed down the likely location of botnet controllers to Moscow and St. Petersburg.
According to Boscovich, Rustock had a capacity for sending 30 billion spam mails every day. It was responsible for a number of other crimes as well, including advertising counterfeit or unapproved versions of pharmaceuticals, and violating the trademarks of the pharmaceutical manufacturer Pfizer and Microsoft.
Alen Puzic, security researcher at HP’s DVLabs told V3.co.uk, “Botnets make a lot of money too, so I’m not sure how big an effect it will have. But we’re seeing more and more botnets, which are much larger and powerful than those that have come before. Governments and commercial companies will need to take a more active role against them.”
Though the Rustock botnet infection base has been cut in half since it was taken down, there are still hundreds of thousands of infected computers around the world yet to be cleaned of the botnet malware.
This is the fourth time Microsoft has offered a bounty for malware operators, and it paid out for information on the author of the Sasser malware.
Boscovich had the last word on the matter when he said, “As they say in the intelligence community, you can have all the satellite systems in the world for data, but you still need boots on the ground.”