
Microsoft details Rustock botnet takedown

Discussion in 'Hobby Electronics' started by Don McKenzie, Mar 20, 2011.

  1. Don McKenzie

    Don McKenzie Guest

    1 Hour Ago

    Microsoft details Rustock botnet takedown

    A million bots at a loose end, still infected.

    Microsoft has revealed how it decapitated one of the world’s largest botnets, Rustock, capable of sending out billions
    of pharmaceutical spam a day.

    The sudden end to Rustock spam late last week was the “denouement” of a multi-month joint effort codenamed "Operation
    b107" between Microsoft, drug company Pfizer and authorities in the US and the Netherlands.

    The takedown was both technical and legal, with Microsoft employing the same strategy it used against the Waledac botnet
    operators by filing a "John Doe" lawsuit against the anonymous operators of Rustock.

    Arguing its case for a court order to be issued, Microsoft told a Washington Seattle District Court that the unknown
    botnet operator had caused harm to Microsoft and other members of the public in Washington.

    At its height in 2010, Rustock was responsible for 47.5 per cent of the world's spam, according to Symantec.

    After obtaining the court order, US Marshals officers last week seized Rustock’s command and control servers from five
    hosting centres in seven locations across the US.

    Full Story:
    http://www.itnews.com.au/News/251801,microsoft-details-rustock-botnet-takedown.aspx

    Cheers Don...

    ====================================


    --
    Don McKenzie

    Dontronics Blog: http://www.GodzillaSeaMonkey.com
    Dontronics Site Map: http://www.dontronics.com/sitemap
    E-Mail Contact Page: http://www.dontronics.com/email
    Web Camera Page: http://www.dontronics.com/webcam
    No More Damn Spam: http://www.dontronics.com/spam

    These products will reduce in price by 5% every month:
    http://www.dontronics-shop.com/minus-5-every-month.html
    http://www.dontronics-shop.com/ics.html

    Bare Proto PCB for PIC or AVR projects?
    "I'd buy that for a Dollar!".
     
  2. atec77

    atec77 Guest

    Possibly but it all comes down to the degree of prosecution and
    incarceration
     
  3. Don McKenzie

    Don McKenzie Guest

    Wikipedia just reported its demise.
    http://en.wikipedia.org/wiki/Rustock_botnet

    Rustock botnet
    From Wikipedia, the free encyclopedia

    The Rustock botnet was a botnet that operated from around 2006 until March 2011.

    Cheers Don...

    =========================


     
  4. atec77

    atec77 Guest

    Never bothered us being filtered at my news server
     
  5. Peter Howard

    Peter Howard Guest

    Good news indeed. Just goes to show what can be done if enough money, lawyers
    and influence are thrown at the problem. Hope this isn't the end of it and
    progress is being made at tracking down the anonymous operators. I suggest that
    a speedy trial and public hanging from the nearest lamp post would be a fair
    thing.

    I've just read a message in my spam trap from a nice Christian Dutch lady who
    is terminally ill in hospital. In accordance with her late husband's wishes she
    wants to transfer her entire fortune to me so that I can distribute it to worthy
    charitable causes. Well it makes a change from emails from the brother-in-law of
    the late Oil Minister of Nigeria.
    PH
     
  6. For a minute there, I thought Microshit might have fixed the actual
    problem, their own servers' spam detection (useless at the best of times)

    But no, it's easier to shut down the network creating the spam than
    fix their own software.
     
  7. terryc

    terryc Guest

    Funny, but I haven't seen pharma spam for years. The servers were well
    listed on spam blockers that I use.
     
  8. Sylvia Else

    Sylvia Else Guest

    Likely to be none.

    Sylvia.
     

  9. Rod Speed is reported to be very upset.

    Nowhere now to buy his Viagra!
     
  10. If microshit did checksum verification and delayed deliveries for
    unverified senders then almost all spam on microshit servers could be
    avoided.

    Microshit's spam detection is basically
    Keywords: Totally useless today
    Bayesian: Almost Totally useless today
    Blacklists: Effective up to a point

    And still, the biggest source of spam comes from Microshit's hotmail
     
  11. Don McKenzie

    Don McKenzie Guest

    Of course, you don't have to put up with Email Spam:
    http://dontronics-shop.blogspot.com/2011/03/no-more-damn-spam.html

    Cheers Don...

    =====================


     
  12. Glad to see the PHP page is still going strong!

    Most of the spam I get these days (usually max of 10 or so a day) are
    directly through my ISP mail accounts (which I never divulge to
    anybody) so they are just "dictionary attacks" - usually confirmed by
    the large number of CCs to other people using my ISP.

    In fact I haven't changed my "main" e-mail address since 2006 as I
    very rarely get any spam through there these days.

    Cheers
    Alan

    ps. noticed I get a mention in the blog post - famous at last :)
     
  13. Don McKenzie

    Don McKenzie Guest

    G'day Alan,

    Hardly famous, but I'll always be grateful for your input on that one. It changed the way I deal with Spam forever.
    As a matter of course, I change my addy annually, but there is possibly no need to now.

    My Spam level is so small, I have to have conversations with Nigerian Scammers to fill in my day. :)

    Here is today's example:
    I just advertised my Olimex boards on graigslist.org, as I was told it would pick up many back links to my site when
    google indexes it. I don't know if that is true or not, but thought I would give it a try and see.

    It wasn't for a specific product, just a general ad for Micro programmers and development boards. I did however decide
    to use the graiglist email address associated with that ad, that directs email onto me. I have the option of hiding it also.

    Here is what I got this morning:

    =====================================

    please is your item available for sale and good working condition?

    this message was remailed to you via:
    =====================================
    Hi,
    Which specific item were you interested in?
    Cheers Don...
    =====================================
    Hello,
    Am Bianca Alvise from United Kingdom ,I am interested in the
    immediate purchase of this item and I shall be paying through a BANK
    TRANSFER,I am sending this item to Lagos Nigeria in West Africa Region
    because am presenting it to my younger wife just for her Birthday
    ceremony Present becouse she went there with her other selected team
    on a project execution and it is needed urgently . As for shipment,
    get me the shipping cost .becouse i want it shipped via REGISTERED
    MAIL or DHL. Can this be done ? . If yes, please get back to me as
    soon as possible with your full name and bank details so that I can
    proceed with the payment I am wait your response to move this
    transaction forward.
    =====================================
    as there are 500+ different items in the range, which one do you want?
    Cheers Don...
    =====================================
    Hello, what did you said?
    =====================================
    How many do you want?
    What colour?
    Do you want with door handles, or without?
    Sizes, do you want S, M, L, XL, XXL, XXXL, or BBBB, which is what we call here "BluddyBigBlackBugger"?
    Do you need them with the optional WitchetyGrubs?
    If you can tell me exactly what you want, we can give you our bank account details, and get the goods to you in Nigeria,
    as I don't want to delay too long.
    Sales have been very poor, and I have to make some money for my Grandmother's heart operation.
    Cheers Don...
    =====================================

    I am still waiting to hear back.

    My apologies to any BBBB sized people out there. Was all that came to mind at the time.

    Cheers Don...

    =====================================




     
  14. atec77

    atec77 Guest

    A while back out of boredom my friend fiddled with a big bad faker,
    set an account,
    took the deposit and refused to send the difference, eventually sending
    them a bill for fake fees and of course a copy of all transactions and
    email to New Scotland Yard etc etc. Never heard a thing more about it
    and he no longer gets any begging awards either.
    The faker got very shitty about not getting his difference sent in
    time, quite amusing for a day or two
     
  15. Alan

    Alan Guest

    I usually don't bother with whatever spam comes in today - what little
    does arrive I deal with through Mailwasher - nice little programme!

    I do like to have fun with the "Microsoft Support Centre" guys from
    India that seem to call me from time to time. The last one I had a
    very nice 5 minute chat with about how my windows were all working
    fine because I had just repainted them and put new grease on the
    hinges, same as the doors. Told him I would call a carpenter if I
    found I have a virus in them so I could get them fixed.

    My usual response though is to play dumb (quite easy!) and express joy
    at having won the computer from them as I've always wanted a computer!
    And how soon will it arrive, etc. Normally keeps them going for a few
    minutes till they get cheesed off - but at least they're not annoying
    some other poor so and so.

    Talking about Nigerian scams - I remember about 8 or 9 years ago the
    boss where I was working was very excited about this fax from Nigeria
    and the "outstanding opportunity" it offered. Took quite a while to
    convince him it was a scam.

    Alan
     
  16. Don McKenzie

    Don McKenzie Guest

    My two daughters live on the internet, and it seems every 6 or 12 months, I am warning them about some new phishing
    attack method, or scam, as there are some very smart operators out there. Getting very sophisticated.

    Like the dummy front panels on ATMs. What a trap that would have been for anyone when they first pulled that one.

    Now spammers are using your first name, last name, and paypal email address, to get you to click on their site.
    With only paypal having my paypal email address, I know it is an internal security breach on their behalf. I was warned
    about it, then I got 2 emails like this, changed email addresses, and it stopped.

    Cheers Don...
     