Microsoft issues US$250,000 bounty for information on Rustock

20 Jul 2011

Microsoft has issued a reward of US$250,000 for new information that will lead to identifying, arresting and jailing the people behind the Rustock botnet, which in its prime was one of the largest single sources of spam on the internet.

This is the latest in a series of actions led by Microsoft and law enforcement to hammer the spammers. Last month, Microsoft published notices in two Russian newspapers informing the botnet’s operators of a civil lawsuit, while in March it was involved in a series of raids with the FBI, which took down a range of command-and-control systems used by Rustock’s operators.

Rustock was capable of sending 30bn spam emails a day

According to some estimates, Rustock had been active for more than five years and Microsoft said the network of infected computers was capable of sending up to 30bn spam emails per day. The software giant also claims Rustock was responsible for several other crimes, including advertising counterfeit or unapproved versions of pharmaceuticals, and violating the trademarks of Pfizer and Microsoft.

In a blog post, Richard Boscovich, senior attorney with Microsoft Digital Crimes Unit, said: “This reward offer stems from Microsoft’s recognition that the Rustock botnet is responsible for a number of criminal activities and serves to underscore our commitment to tracking down those behind it. While the primary goal for our legal and technical operation has been to stop and disrupt the threat that Rustock has posed for everyone affected by it, we also believe the Rustock bot-herders should be held accountable for their actions.”

Microsoft figures show that since the command and control servers were taken down, the number of infected computers in Rustock’s network, measured by known IP infections, had fallen by more than 56pc, from 1,601,619 in late March to 702,860 by mid-June. However, Boscovich noted there are still hundreds of thousands of computers around the world that remain infected with malware that allowed Rustock’s owners to take control of them in the first place.

The US$250,000 reward is open to residents of any country subject to the laws of that country, because Rustock affected the internet community worldwide, Boscovich added.

Gordon Smith was a contributor to Silicon Republic

editorial@siliconrepublic.com