« U.S. Official: Pre-infected Computer Technology Entering the Country | Main | Make the Web Safer, Get $10,000 »
07/18/2011
$250,000 Reward for Information about the Rustock Botnet
Co-Editor
Microsoft made an announcement in their blog today: $250,000 for Rustock botnet information
Why has Microsoft put so much effort into this particular botnet?This reward offer stems from Microsoft’s recognition that the Rustock botnet is responsible for a number of criminal activities and serves to underscore our commitment to tracking down those behind it.
"While the primary goal for our legal and technical operation has been to stop and disrupt the threat that Rustock has posed for everyone affected by it, we also believe the Rustock bot-herders should be held accountable for their actions.
In part because of the serious damage it has done. By Microsoft's estimation, the botnet had capacity for sending 30 billion spams. A day.
Bear in mind, too, that this is after Rustock was taken down through a huge international effort that marshaled industry and academic researchers, legal teams, and governments to do so.
So, what does all this mean?
My own take is that they may never capture the folks responsible, and a lot of infected machines are still out there, mostly unbeknownst to their owners, no doubt, so there's still a lot of work to be done.
My belief is that the botnet will take many years to die completely, because most of the people who're running infected machines aren't running antivirus software, and if they haven't noticed their machines are infected by now, they probably never will.
Thus, they're unlikely to install some and remove the botnet from their PC.
In which case, it'll only die when the infected PCs themselves go to the scrapyard.
In the mean time, at least the technological solutions in place should make it very hard for the infected machines to come back to life and spew more spam.
More information on the $250,000 Rustock award.
The comments to this entry are closed.
Comments
You can follow this conversation by subscribing to the comment feed for this post.