Microsoft Digital Crimes Unit Took Down Rustock Botnet

Posted Mar 18, 2011


About a year ago, the Digital Crimes Unit (DCU) at Microsoft Corporation (NASDAQ:MSFT) took down the Waledac botnet in an operation called “Operation b49.” Recently it took down Rustock, one of the most complex botnets.

The Rustock botnet is known for infecting about one million computers. Rustock is also believed to be capable of sending billions of spam e-mails per day, including fake Microsoft lottery scams and offers for fake drugs.

Known as Operation b107, this is the second highest-profile takedown Microsoft has conducted, a joint effort between the DCU, the Microsoft Malware Protection Center, and Trustworthy Computing. To make the takedown happen, Microsoft relied heavily on legal compliance with the U.S. District Court for the Western District of Washington to coordinate a seizure of command-and-control servers in multiple locations, escorted by the U.S. Marshals Service.

Pharmaceutical company Pfizer was also involved in the takedown of Rustock. Pfizer confirmed that Rustock promoted a market for fake drugs that contain wrong active ingredients and incorrect dosages and that are produced in unsafe conditions.