Rustock take-down proves botnets can be crippled, says Microsoft

05.07.2011
Microsoft Tuesday said the coordinated take-down of the Rustock botnet and follow-up efforts had purged the malware from over half of the PCs once controlled by Russian hackers.

"This shows that disruptive action [against botnets] is viable and possible," said Richard Boscovich, a senior attorney with Microsoft's Digital Crime Unit.

"Once you start taking apart the infrastructure of botnets, you drive up the cost of [botnet gangs] doing business," Boscovich added in an interview Monday. "Disruptive action is just as good as trying to arrest someone."

Since March, when Microsoft lawyers and U.S. Marshals at five Web hosting providers in seven U.S. cities, the number of Windows PCs infected with the malware has dropped worldwide from 1.6 million to just over 700,000 as of June 18, Boscovich reported in a today.

Microsoft also released a detailed report on Rustock, the take-down effort it led, and the impact of its anti-botnet campaign ( ).

In the U.S., an estimated 86,000 Rustock-infected PCs in March had been reduced to some 53,000 by June, a drop of 38%. Other countries saw even bigger reductions: In India, the March tally of 322,000 infected machines plummeted by 69% to approximately 99,000 in June.