Microsoft to crack open Rustock's servers

Powered by SC Magazine
 

1.7 million IP addresses still calling home.

Microsoft will press a Washington District Court for permission to crack open the servers it seized in raids on the Rustock botnet's control centres. 

The Redmond company will make the request after the operators of the now-decapitated spam giant failed to show up at court last week.

“As expected, given the nature of the case, the defendants did not appear in court yesterday, meaning that the case will go on,” said Microsoft Digital Crimes Unit senior attorney, Richard Bozcovich, last Thursday.

The hearing formed part of Microsoft's legal strategy, which allowed it to seize the botnet's hardware without informing the operators of its intentions. Bozcovich said the element of surprise was necessary to thwart an attempt by the botnet operators to move their domains and IP addresses, which would have put it "back to square one".

“We will now move the court to allow us due discovery of the evidence gathered from the seizures, including dozens of server hard drives, to learn what we can about the identity of those behind Rustock.”

The botnet remained inactive, but Microsoft fears that the million-odd Rustock-infected Windows machines could still be wrangled by the unknown operators.

Within the first week of its seizure, 1.7 million unique IP addresses reached out for routine instructions from Rustock’s controllers, Bozcovich said.  

“Unfortunately, as long as a computer is infected with Rustock malware, it remains at risk for being under the control of a botherder – whether that’s via other botnet malware on the computer or the potential that the Rustock botherders regain control of the botnet for whatever reason.”

Copyright © iTnews.com.au . All rights reserved.

