Microsoft has named two key suspects in its second status report on the investigation into who was behind one of the world's largest botnets, Rustock.
Records held by Russian money transfer company Webmoney revealed that Rustock’s command and control servers were paid for by a person identified as Vladimir Alexandrovich Shergin, according to Microsoft’s report published on noticeofpleadings.com.
Microsoft also named another suspect who operated under the handle “Cosma2k”, and was associated with the names Dmitri A. Sergeev, Artem Sergeev and Sergey Vladimirovich Sergeev.
Security blogger Brian Krebs traced Cosma2k’s website to Russian domain ger-mes.ru, which included a resume for one of the aliases identified by Microsoft, “Sergeev, Dmitri A.” (pictured).
The resume contained the header “I want to work in Google” and ended hopefully, “Waiting for your job”.
Microsoft's efforts to summons the suspects had so far failed, despite attempts via the web, by email, and through its website noticeofpleadings.com.
Over the next week it also expects to have placed legal notices in newspapers in Moscow and St Petersberg.
A Washington District Court in April gave Microsoft permission to search the botnet infrastructure that was seized in March.
Authorities and Microsoft gained special permission to seize the equipment from several hosts in the US even though they had been unable to identifty or notify its owners.
The botnet was capable of sending a billion emails per day and was known for pharmacuetical spam, according to Microsoft.
Copyright © iTnews.com.au . All rights reserved.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.