Rustock Botnet Suspect Hunting Job at Google
Microsoft disassembled the command as well as control structure of the infamous spam-circulating Rustock botnet during March, 2011. Redmond has since found that a Webmoney account used to rent out Rustock control servers was associated with an individual naming Vladimir Alexandrovich Shergin, as reported by The Register on June 02, 2011.
Significantly, Microsoft assisted in disassembling Rustock during March 2011 after a planned and well-timed "stun" targeting the spam botnet's infrastructure, which primarily included servers based in U.S. hosting facilities.
Although Rustock is still dead, Microsoft is searching for the creator of Rustock. In its second status report submitted during the concluding week of May, 2011 to a district court in Seattle, Microsoft stated that, it enquired with virtual currency provider Webmoney regarding the owner of an account used to rent Rustock control servers, and proved that the account was associated with a person called Vladimir Alexandrovich Shergin.
Commenting on the matter, Richard Boscovich, Senior Attorney at Microsoft's Digital Crimes Unit, stated that, they are close to filing a specific notice, which is a necessity of the U.S. law, for the people that they think are associated with Rustock; a hearing will be conducted and these people should be present in the hearing. He further added that, naturally they don't wish anyone to go, but it is a constitutional prerequisite under the U.S. law, as reported by CIO on June 02, 2011.
Notably, Vladimir Shergin has also a presence in an exposed database of top earning affiliates of infamous pharmacy spamming operation Spamit.com. The similar database, gathered by Krebs during 2010, relates the identity Cosma2K to an account firstname.lastname@example.org.
Nevertheless, the recent move by Microsoft is a part of the obligation of the special court order enabling the firm to arrange the shutdown of the botnet servers without first informing the owners. Acknowledged as an ex parte temporary restraining order (TRO), the judgment also needs the firm to attempt to inform the owners of the botnet.
According to Krebs, Microsoft looks firm to bring the Rustock offenses and crimes to the court, as reported by Info Security on June 02, 2011.
Related article: Rustock Become The World’s Largest Spam Botnet
» SPAMfighter News - 10-06-2011