Great news from the Microsoft Digital Crimes Unit (DCU). They, in cooperation with US federal authorities, took down the Rustock botnet. Rustock was one of the most prolific spam engines, specializing in those annoying fake-drug email solicitations. According to the Microsoft DCU blog, at its worst, Rustock was capable of sending 30 billion spam email messages a day.
Just as I predicted in my year end blog Security Predictions for 2011 and Beyond attackers would be targeted with more ferocity from governments, service providers and organizations worldwide. Case in point.
This botnet consisted of nearly a million infected computers worldwide, being used to flood the internet with the spam. With the main control servers offline, these systems, while still infected, cannot get instructions from their masters.
This is a positive step forward, but not a complete resolution until infected systems are cleaned and protected from future re-infection. Sadly, it is likely most owners of infected systems are unaware of their contribution to the problem. So the battle, not just with the malicious owners of botnets but also with the uninformed end-users of bot-infected computers, continues. This is a victory to be sure, but the dip in spam may be short-lived as the void will probably be filled by others. Unfortunately, the war will continue to rage in our Inbox's. Still, this is a positive step forward in prosecuting those who abuse the Internet with fraudulent and annoying emails.
A well-earned congratulations to the hard working Microsoft folks in the DCU. Well done and keep pressing forward.
- Microsoft DCU blog - http://blogs.technet.com/b/microsoft_on_the_issues/archive/2011/03/18/taking-down-botnets-microsoft-and-the-rustock-botnet.aspx
- Predictions for 2011 and Beyond blog: http://communities.intel.com/community/openportit/blog/2010/12/01/security-predictions-for-2011-and-beyond