Microsoft to crack open Rustock's servers

Powered by SC Magazine
 

1.7 million IP addresses still calling home.

Microsoft will press a Washington District Court for permission to crack open the servers it seized in raids on the Rustock botnet's control centres. 

The Redmond company will make the request after the operators of the now-decapitated spam giant failed to show up at court last week.

“As expected, given the nature of the case, the defendants did not appear in court yesterday, meaning that the case will go on,” said Microsoft Digital Crimes Unit senior attorney, Richard Bozcovich, last Thursday.

The hearing formed part of Microsoft's legal strategy, which allowed it to seize the botnet's hardware without informing the operators of its intentions. Bozcovich said the element of surprise was necessary to thwart an attempt by the botnet operators to move its domains and IP addresses, which would have put it "back to square one".

“We will now move the court to allow us due discovery of the evidence gathered from the seizures, including dozens of server hard drives, to learn what we can about the identity of those behind Rustock.”

The botnet remained inactive, but Microsoft fears that the million-odd Rustock-infected Windows machines could still be wrangled by the unknown operators.

Within the first week of its seizure, 1.7 million unique IP addresses reached out for routine instructions from Rustock’s controllers, Bozcovich said.  

“Unfortunately, as long as a computer is infected with Rustock malware, it remains at risk for being under the control of a botherder – whether that’s via other botnet malware on the computer or the potential that the Rustock botherders regain control of the botnet for whatever reason.”

Copyright © iTnews.com.au . All rights reserved.
