Microsoft’s Server Takedown Cut Rustock Botnet in Half

The Rustock botnet has been nearly halved in size and effectively crippled, demonstrating how tech companies can coordinate with law enforcement to take down malware-distributing botnets, Microsoft said.

Since Microsoft seized several command and control servers in the United States in March, the infection rate for Rustock malware has declined dramatically, Richard Boscovich, a senior attorney with Microsoft’s Digital Crime Unit, wrote July 5 on the Official Microsoft Blog. The blog post accompanied a special-edition Microsoft Security Intelligence Report containing the latest statistics on Rustock.

The worldwide number of known infected systems declined about 56 percent, from more than 1.6 million at the end of March to just over 700,000 in June, Microsoft said. The infection rate in the U.S. dropped by 35.48 percent, or from 86,000 machines to 53,000. Even though the Microsoft-coordinated takedown operation shut down only U.S.-based servers and didn’t affect C&C servers operating in other countries, infection rates in India and Russia also appeared to decline, by 69.30 and 70.61 percent, respectively.

“Since the time of the initial takedown, we estimate the Rustock botnet is now less than half the size it was when we took it down in March,” wrote Boscovich. He said the drop in infection rates had happened much more quickly than expected.

At its peak, Rustock sent out billions of spam email messages per day and accounted for nearly half of global spam volume. Custom software capable of mailing a spam file to 427,000 email addresses from a single data set was found on one of the drives of the seized C&C servers.

To read the original eWeek article, click here: Rustock Botnet Size Nearly Halved Since Server Takedown: Microsoft

CIO Insight Staff