Free Republic
General/Chat

Microsoft shuts down spam behemoth Rustock, reduces worldwide spam by 39%
Switched ^ | 3/18/11 | Sebastian Anthony

Posted on 03/18/2011 1:25:49 PM PDT by LibWhacker

Microsoft's Digital Crimes Unit, working with federal law enforcement agents, has brought down the world's largest spam network, Rustock.

Rustock, at its peak, was a botnet of around 2 million spam-sending zombies capable of sending out 30 billion spam emails per day. Microsoft's wholesale slaughter of Rustock could reduce worldwide spam output by up to 39%.

Rustock was taken down, piece by piece, in a similar way to the Mega-D botnet. First the master controllers, the machines that send out commands to enslaved zombies, were identified. Microsoft quickly seized some of these machines located in the U.S. for further analysis, and worked with police in the Netherlands to disable some of the command structure outside of the U.S.

With the immediate threat disabled, Microsoft then worked with upstream providers to black hole the IP addresses of whoever was controlling the botnet. To prevent further master controllers popping up, Microsoft worked with Chinese CN-CERT to block registration of domains that could be used by new command and control servers.

Finally, Microsoft is now working with ISPs and CERTs around the world to help clean the Rustock malware from around 1 million infected machines. It's also worth noting that Microsoft didn't do this alone; specialists from Pfizer, FireEye (the company behind the Mega-D botnet takedown), and the University of Washington helped out.

Why Pfizer you ask? Because Rustock's spam is mostly of the pharmaceutical kind. The drugs advertised in such spam are rarely the real deal. They can contain the wrong active ingredients, or the wrong dosage. Not only did Rustock spam cut into Pfizer's profits, but it might have been killing people too.

If you want to prevent your own computers from becoming botnet zombies, make sure you install anti-malware software, such as Malwarebytes' Anti-Malware.


TOPICS: Business/Economy; Computers/Internet
KEYWORDS: botnet; crimes; digital; dismantled; malware; pr0wned; russia; rustock; spam; zombies

1 posted on 03/18/2011 1:25:54 PM PDT by LibWhacker

To: LibWhacker

Does this mean we won’t get any more spam advertising p3n1$ enlargement?


2 posted on 03/18/2011 1:31:51 PM PDT by Vigilanteman (Obama: Fake black man. Fake Messiah. Fake American. How many fakes can you fit in one Zer0?)

To: LibWhacker

Excellent!

Must be why I’m not getting any Viagra spam e-mails anymore...


3 posted on 03/18/2011 1:32:42 PM PDT by ButThreeLeftsDo (Sharia? No, thanks.)

To: LibWhacker

http://www.youtube.com/watch?v=anwy2MPT5RE


4 posted on 03/18/2011 1:37:26 PM PDT by Paleo Conservative

To: LibWhacker
If you want to prevent your own computers from becoming botnet zombies, make sure you install anti-malware software, such as Malwarebytes' Anti-Malware.

Good advice. Malwarebytes blocked suspicious activity for me today. I was on a golf equipment site looking at Callaway X-22 and Diablo irons when I got the block message. I left there in a hurry. And, no, it wasn't Callaway's website...

5 posted on 03/18/2011 1:38:21 PM PDT by bcsco

To: Vigilanteman

“Does this mean we won’t get any more spam advertising p3n1$ enlargement?”

All except the ones from the girlfriend’s email addy. /humor


6 posted on 03/18/2011 1:40:59 PM PDT by PLMerite (Thanks for fixing the clock.)

To: LibWhacker
Microsoft quickly seized some of these machines located in the U.S. for further analysis,

Although I like the spammers being taken down, I wonder when Microsoft was granted general police powers? Maybe Obama didn't read the fine print in the license agreement when he installed Windows on a White House computer.

7 posted on 03/18/2011 1:42:58 PM PDT by KarlInOhio (Washington is finally rid of the Kennedies. Free at last, thank God almighty we are free at last.)

To: LibWhacker
Well, that may explain the message I just got in my email: "We may be out of business but you're still hung like a gerbil."

How do they know? Is there a database somewhere?

8 posted on 03/18/2011 1:43:25 PM PDT by Billthedrill

To: ButThreeLeftsDo
Must be why I’m not getting any Viagra spam e-mails anymore...

I was getting a bunch of that garbage sent from what looked like my own email addy. Someone's address book must've gotten hijacked. I sit behind a SonicWALL with CFS and run AVG Pro on all my workstations. Defense in depth...

9 posted on 03/18/2011 2:19:38 PM PDT by Noumenon ("We should forgive our enemies, but not before they are hanged.")

To: Noumenon

That should have been CGS, not CFS. Spending too much time on the big one today...


10 posted on 03/18/2011 2:20:29 PM PDT by Noumenon ("We should forgive our enemies, but not before they are hanged.")

To: KarlInOhio

“Microsoft quickly seized some of these machines located in the U.S. for further analysis,

Although I like the spammers being taken down, I wonder when Microsoft was granted general police powers? Maybe Obama didn’t read the fine print in the license agreement when he installed Windows on a White House computer. “

That was my first thought also!! Nice they stopped the spam but since when can a business “seize” anything?


11 posted on 03/18/2011 2:30:49 PM PDT by precisionshootist

To: ButThreeLeftsDo
Lately, I've been getting a lot of spam where the subject is cut up.

Ex:

Cert ifie dToEnjo yCu tRate sOnTa blet s

12 posted on 03/18/2011 2:34:23 PM PDT by chopperman

To: chopperman

Oht hAtW asme. So Rrya boU t th at.


13 posted on 03/18/2011 2:38:52 PM PDT by GreenAccord (Bacon Akbar!)

To: KarlInOhio
Microsoft quickly seized some of these machines located in the U.S. for further analysis,

Although I like the spammers being taken down, I wonder when Microsoft was granted general police powers? Maybe Obama didn't read the fine print in the license agreement when he installed Windows on a White House computer.

I'd suspect that it's a case of sloppy reporting. In all likelihood, law enforcement agencies seized the computers and then turned them over to Microsoft for the analysis.

14 posted on 03/18/2011 2:39:50 PM PDT by Bob

To: LibWhacker
Here's a link to the much informative Microsoft Technet posting on this same event: Taking Down Botnets: Microsoft and the Rustock Botnet.
15 posted on 03/18/2011 2:49:50 PM PDT by snowsislander

To: LibWhacker

Oh no, what will the world do without natural male enhancement.


16 posted on 03/18/2011 2:58:36 PM PDT by razorback-bert (Some days it's not worth chewing through the straps.)

To: chopperman

“Lately, I’ve been getting a lot of spam where the subject is cut up.

Ex:

Cert ifie dToEnjo yCu tRate sOnTa blet s”

They do that to defeat defenses that flag certain words and send the message to the spam folder.


17 posted on 03/18/2011 3:32:06 PM PDT by SaxxonWoods (Throw away your papers, blow up your TV...and set yourself free.)
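
As an illustration of the point in posts 12 and 17 (an added example, not written by anyone in this thread): a filter can undo this kind of subject splitting by removing the spacing before it matches, and can cut false hits by also checking that the tokens look like re-cut word pieces. The watch-list, the threshold and the function names are assumptions made for this sketch; the first sample subject is the one quoted in post 12, the other two are constructed.

```python
import re

# Hypothetical watch-list for this sketch; a real filter loads its own terms.
WATCH_TERMS = ("certified", "rates", "tablets")

def split_terms(subject):
    """Watch-list terms that show up only once spacing is removed."""
    lowered = subject.lower()
    words = set(re.findall(r"[a-z]+", lowered))
    joined = re.sub(r"[^a-z]", "", lowered)
    return [t for t in WATCH_TERMS if t in joined and t not in words]

def fragmentation_score(subject):
    """Share of tokens that look like pieces of re-cut words."""
    tokens = subject.split()
    if not tokens:
        return 0.0

    def is_fragment(tok):
        # A lone letter other than "a"/"I", e.g. the trailing "s".
        stray_letter = (len(tok) == 1 and tok.isalpha()
                        and tok.lower() not in ("a", "i"))
        # A capital right after a lowercase letter, e.g. "dToEnjo".
        inner_capital = re.search(r"[a-z][A-Z]", tok) is not None
        return stray_letter or inner_capital

    return sum(is_fragment(t) for t in tokens) / len(tokens)

def is_obfuscated(subject, threshold=0.5):
    """Require both signals: joined-text matching alone also fires on
    innocent word pairs (see the 'pirate ships' sample below)."""
    return (bool(split_terms(subject))
            and fragmentation_score(subject) >= threshold)

SUBJECT_FROM_POST_12 = "Cert ifie dToEnjo yCu tRate sOnTa blet s"
CONSTRUCTED_CLEAN = "Certified To Enjoy Cut Rates On Tablets"   # constructed
CONSTRUCTED_BENIGN = "Quarterly pirate ships report"            # constructed

if __name__ == "__main__":
    for s in (SUBJECT_FROM_POST_12, CONSTRUCTED_CLEAN, CONSTRUCTED_BENIGN):
        print(f"{s!r}: terms={split_terms(s)} "
              f"score={fragmentation_score(s):.2f} flagged={is_obfuscated(s)}")
```

The unsplit subject is left to ordinary per-word matching, which is why `split_terms` returns nothing for it.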

To: Ernest_at_the_Beach; ShadowAce; Swordmaker; martin_fierro

Thanks LibWhacker.


18 posted on 03/18/2011 3:36:14 PM PDT by SunkenCiv (The 2nd Amendment follows right behind the 1st because some people are hard of hearing.)

To: rdb3; Calvinist_Dark_Lord; GodGunsandGuts; CyberCowboy777; Salo; Bobsat; JosephW; ...

19 posted on 03/18/2011 4:49:26 PM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)

To: chopperman

That’s a popular tactic....


20 posted on 03/18/2011 4:54:20 PM PDT by ButThreeLeftsDo (Sharia? No, thanks.)

To: LibWhacker
Microsoft's Digital Crimes Unit, working with federal law enforcement agents, has brought down the world's largest spam network, Rustock.
Rustock, at its peak, was a botnet of around 2 million spam-sending zombies

That's nice, considering their crappy OS helped foster it.

21 posted on 03/18/2011 5:03:26 PM PDT by martin_fierro (< |:)~)

To: ShadowAce

Thanks for the good news ping.


22 posted on 03/18/2011 7:38:22 PM PDT by GOPJ (http://hisz.rsoe.hu/alertmap/index2.php - It's only uncivil when someone on the right does it.- Laz)
