[ISN] Microsoft Offers $250, 000 Bounty To ID Rustock Botnet Operators

From: InfoSec News <alerts_at_private>
Date: Tue, 19 Jul 2011 06:29:45 -0700 (MST)

By Kelly Jackson Higgins
Dark Reading
July 18, 2011

The effort to unmask and apprehend the criminals behind the massive 
Rustock botnet heated up today as Microsoft put up a $250,000 reward for 
new information on the botnet's operators.

Rustock -- which in March was knocked offline by federal authorities and 
Microsoft -- was able to send some 30 billion spam messages a day, such 
as for phony Pfizer prescription drugs and fake Microsoft lottery scams. 
FireEye, researchers at the University of Washington, Pfizer, the Dutch 
High Tech Crime Unit, and the Chinese CERT all assisted in the operation 
to take down the botnet, which had an army of some 1.6 million machines 
worldwide at its peak. And there are still some 700,000 machines 
infected with the botnet's malware, according to a recent report from 

Richard Boscovich, senior attorney for Microsoft's Digital Crimes Unit, 
announced today that the company had decided to supplement its civil 
discovery efforts with the cash reward. Last month, Microsoft published 
notices in two Russian newspapers in an effort to alert the Rustock 
operators of the civil lawsuit against them. The reward was a way to 
turn up the "heat as a result of the evidence we have secured during the 
discovery process," Boscovich said in response to an inquiry from Dark 
Reading. However, he did not elaborate on just what that evidence might 

The $250,000 reward is available to anyone offering new information that 
results in the arrest and conviction of the Rustock operators. Microsoft 
will be gathering information via email, at avreward_at_private


Attend Black Hat USA 2011, hosted at Caesars Palace in
Las Vegas, Nevada July 30-Aug 4, offering over 60 training
sessions and 9 tracks of Briefings from security industry elite.
To sign up visit: http://www.blackhat.com
Received on Tue Jul 19 2011 - 06:29:45 PDT

This archive was generated by hypermail 2.2.0 : Tue Jul 19 2011 - 06:27:33 PDT