Microsoft has unleashed its legal dragnet in an attempt to take down the Rustock botnet. According to the WSJ, the botnet, which consists of approximately 150,000 computers around the globe, is capable of sending 30 billion spam messages a day. 150,000 is the most conservative estimate of its size, and some have measured the number of infected PCs to be upwards of 24 million. Symantec has measured the botnet to be responsible for more than half of the spam messages in 2010.
Microsoft, with the help of federal law enforcement, seized physical computer equipment believed to be the command and control servers for the botnet. Agents went into facilities in Kansas City, MO; Scranton, PA; Denver, CO; Dallas, TX; Chicago, IL; Seattle, WA; and Columbus, OH to retrieve equipment in an effort to “decapitate” the operation, according to Microsoft officials.
Richard Boscovich, senior attorney in Microsoft’s digital crime unit, said that the operation “has been 100% effective.” After the seizure was complete, Microsoft filed a lawsuit against “John Does 1-11,” as no leaders of the botnet have been identified as of yet. Symantec reported that Rustock stopped all spam activity at roughly 11:30 PM EST Wednesday evening, just after Microsoft started its operation.
This is not the first time Microsoft has actively and aggressively taken steps to bring down a botnet operation. In February 2010, Microsoft helped take down the similarly huge Waledac botnet.