Microsoft to crack open Rustock's servers

Powered by SC Magazine
 

1.7 million IP addresses still calling home.

Microsoft will press a Washington District Court for permission to crack open the servers it seized in raids on the Rustock botnet's control centres. 

The Redmond company will make the request after the operators of the now-decapitated spam giant failed to show up at court last week.

“As expected, given the nature of the case, the defendants did not appear in court yesterday, meaning that the case will go on,” said Microsoft Digital Crimes Unit senior attorney, Richard Bozcovich, last Thursday.

The hearing formed part of Microsoft's legal strategy, which allowed it to seize the botnet's hardware without informing the operators of its intentions. Bozcovich said the element of surprise was necessary to thwart an attempt by the botnet operators to move its domains and IP addresses, which would have put it "back to square one".

“We will now move the court to allow us due discovery of the evidence gathered from the seizures, including dozens of server hard drives, to learn what we can about the identity of those behind Rustock.”

The botnet remained inactive, but Microsoft fears that the million-odd Rustock-infected Windows machines could still be wrangled by the unknown operators.

Within the first week of its seizure, 1.7 million unique IP addresses reached out for routine instructions from Rustock’s controllers, Bozcovich said.  

“Unfortunately, as long as a computer is infected with Rustock malware, it remains at risk for being under the control of a botherder – whether that’s via other botnet malware on the computer or the potential that the Rustock botherders regain control of the botnet for whatever reason.”

Copyright © iTnews.com.au . All rights reserved.

