Microsoft offers $250,000 for information on Rustock botnet

Microsoft has announced that it is offering a reward of $250,000 for information that results in the identification, arrest and criminal conviction of the individual(s) responsible for controlling the Rustock botnet. In a post on The Official Microsoft Blog, Richard Boscovich, Microsoft DCU Senior Attorney, says "This reward offer stems from Microsoft’s recognition that the Rustock botnet is responsible for a number of criminal activities and serves to underscore our commitment to tracking down those behind it. While the primary goal for our legal and technical operation has been to stop and disrupt the threat that Rustock has posed for everyone affected by it, we also believe the Rustock bot-herders should be held accountable for their actions."

In March, Microsoft's Digital Crimes Unit (DCU) announced that it had infiltrated the botnet, analysed it and disabled its command and control (C&C) servers. In the time it was active, the notorious botnet, which consisted of an estimated 1.6 million infected PCs, was said to have been responsible for sending up to 30 billion spam messages each day. Earlier this month, four months after the shutdown, Microsoft said that approximately half of the infected PCs still have the Rustock bot installed. However, as the C&C servers have been taken down, they simply cannot receive any commands, so they remain inactive.

Further information about the bounty can be found in the Rustock Reward Document and on noticeofpleadings.com. Users can follow @MicrosoftDCU on Twitter for updates to the Rustock investigation, civil case and cleanup effort.

(crve)