Microsoft Deactivates Rustock, The Biggest Botnet Across The Globe
The infamous Rustock botnet, which once dispatched over 50% of the world's junk e-mail, is out of operation after Microsoft, with the assistance of American security agencies, seized control of it. V3.co.uk published this on March 17, 2011.
Rustock is estimated to comprise a huge 815,000 hijacked Windows computers controlled by some 26 command and control (C&C) servers. The infected PCs remain compromised; however, they are no longer receiving commands, and the spam templates they drew upon are lying dormant. Rustock has been around for 3 years, dispatching around 200bn spam messages daily that chiefly promoted male enhancement drugs and Internet pharmacies.
Meanwhile, Rustock's C&C servers were hosted by U.S. Web-hosting companies that apparently did not know what role they played for Rustock. The servers issued commands for contaminating corporate and home computers across the world that ran Microsoft's Windows operating system.
Reports state that a court granted Microsoft the authority to seize bot-infected PCs and disable the malicious network following its contention that certain e-mails infringed upon its trademarks.
It is not known who the online crooks running the spam operation are; the lawsuit merely identified them as "John Does 1-11."
Remarking on the botnet's closure, Richard Boscovich, Senior Attorney in Microsoft's Digital Crimes Unit, stated that the break-ins successively snapped the connection between the innumerable zombie PCs within Rustock and the servers that commanded and controlled them. Dailymail.co.uk published this on March 21, 2011.
Nonetheless, Paul Wood, Senior Analyst at Symantec Cloud's MessageLabs, cautioned that possibly it wasn't anti-spam activists shutting down the botnet; rather, the network had gone quiet because its controllers had made an intentional move. V3.co.uk published this on March 17, 2011.
Wood explained that deactivating a botnet or withdrawing it from the Internet required identifying every relevant Internet Protocol address, followed by a well-coordinated and regulated action plan involving an enormous level of rigorous global initiative covering several time zones and the world's myriad languages.
» SPAMfighter News - 30-03-2011