One of the world’s top spammers has just lost a fight with software giant Microsoft.
According to a Volish lawsuit, Microsoft paramilitaries, er security staff, backed by Inspector Knacker of the Software Yard carried out several coordinated raids against the Rustock botnet.
Rustock is a botnet that infected millions of computers and used them to send fake drugs spam. Writing in his bog, legal Vole Richard Boscovich said that the network would serve up a billion spam emails a day.
Raids on seven hosting facilities across the US seized the command-and-control machines that ran the network.
Rustock was responsible for 39 percent of the world’s spam last year so we should see a lot less of the stuff hitting our in-box.
Boscovich said that Rustock’s infrastructure was much more complicated than other botnets.
It relied on hard-coded Internet Protocol addresses rather than domain names and peer-to-peer command-and-control servers to control the botnet.
Vole was worried that the bot could be quickly shifted to a new infrastructure, so it got a court order allowing it to work with the U.S. Marshals Service to physically capture evidence onsite and, in some cases, take the affected servers from hosting providers for analysis.
Specifically, servers were seized from five hosting providers in Kansas City, Scranton, Denver, Dallas, Chicago, Seattle, and Columbus. Afterwards, with help from the upstream providers, Vole severed the IP addresses that controlled the botnet, cutting off communication and disabling it.
What was unusual about this particular raid was that it was done by Vole acting alone and without any help from the cybersecurity community.
Spam monitors thought something was odd when the botnet’s activity halted.