Microsoft took down Rustock botnet thanks to 67-year-old counterfeit law

In March 2011, Microsoft shut down the Rustock criminal botnet in an operation that included seizing physical computer equipment in a number of major US cities. It was the start of a number of similar botnet raids by Microsoft, with the assistance of other companies and law enforcement officials.

But how could a private company like Microsoft manage to seize all that computer hardware in the first place? Microsoft filed a civil lawsuit against the operators of the Rustock botnet, which normally would not be enough for a search warrant.

As it turns out, Microsoft found an interesting loophole in the laws of the US that allowed them to raid those locations. The Washington Post reports that a bill that was passed by Congress in 1946, the Lanham Act, does allow for equipment to be seized in a civil lawsuit if that hardware is being used for counterfeiting.

One final "hurrah!" for the old Microsoft logo before it was replaced.

So what was being counterfeited by the Rustock botnet servers? Microsoft found out that its operators were sending out spam emails with a template that included Microsoft's then-current logo. That was enough for the company to use the Lanham Act to go after the botnet's operations. Email spam went down by over 24 percent worldwide just the day after the Rustock botnet was shut down.

Source: Washington Post | Image via Microsoft
