Microsoft defeated the Rustock botnet
The other day brought good news (or, for some, perhaps bad news): Microsoft managed to shut down Rustock, one of the largest botnets in the world, which generates 39% of global spam traffic. Of course, like many others, this is a multipurpose botnet, but 39% of spam is still no child's toy. According to experts from Microsoft, the botnet consisted of 2 million infected machines at the peak of its development.
Together, these millions of machines generated about 30 billion spam messages daily. You will agree that this is a huge amount of spam, which so many of us dislike. The way the corporation's specialists fought Rustock is no different from the usual methods of combating botnets. First, the master servers through which the attackers sent commands to the botnet's machines were identified. Then the Rustock servers located in the USA were seized for further analysis, after which Microsoft contacted law enforcement agencies in other countries to take down the Rustock command servers located there.
After most (according to Microsoft, almost all) of these servers were blocked, an operation began to remove the malicious software from the infected PCs that make up the botnet. This stage was apparently successful, since Rustock has effectively ceased to exist. Incidentally, this is one of the largest operations conducted jointly by the Microsoft Malware Protection Center, Trustworthy Computing, and law enforcement agencies in various countries. The whole operation received the plain name Operation b107.
In their appeal “to the people”, the corporation's specialists ask users who suspect that their PCs are infected to get more information here. Let's hope that this whole effort really paid off and that the botnet has gone offline forever, not just for a couple of days, as often happens.