July 18, 2011

Microsoft said today that it is offering a $250,000 reward for new information leading to the arrest and conviction of the individual(s) responsible for the Rustock botnet, a now-defunct crime machine that was once responsible for sending 40 percent of all junk email.

The bounty is the software giant’s latest salvo in its war on Rustock; Microsoft secured a major victory in March, when it worked with ISPs and security firms to launch a successful sneak attack against the botnet, knocking out its support infrastructure. Richard Boscovich, senior attorney for Microsoft’s digital crimes unit, said that although spam from Rustock-infected PCs has ceased, there are still hundreds of thousands of infected computers around the world to be cleaned of the botnet malware.

Microsoft's Rustock notice in The Moscow News, June 14

“This reward offer stems from Microsoft’s recognition that the Rustock botnet is responsible for a number of criminal activities and serves to underscore our commitment to tracking down those behind it,” Boscovich wrote in a post on the official Microsoft blog. “While the primary goal for our legal and technical operation has been to stop and disrupt the threat that Rustock has posed for everyone affected by it, we also believe the Rustock bot-herders should be held accountable for their actions.”

Microsoft recently ran advertisements in major newspapers in Moscow and St. Petersburg, as part of a deal the company struck with a U.S. court to help dismantle Rustock; the court granted Microsoft dominion over the Rustock control servers and domains as long as the company made a “good faith” effort to notify the unidentified owners.

This is the fourth reward of $250,000 that Microsoft has offered in its anti-virus reward program. It has paid a reward only once: For information leading to the arrest and conviction of the author of the Sasser worm. The person who provided the tip in that case was a classmate of the Sasser worm author.

The catch with Microsoft’s offer is that they are soliciting offers of “new” information on the Rustock author(s). My own follow-the-money sleuthing on the individual who paid for the hosting that supported the Rustock control servers traced back to a very specific person — a Russian man that Microsoft later named in its public filings with the court. Prior to their publication of that information, I had shared with Microsoft everything I’d uncovered; the company claimed at the time that it had already obtained the same information on its own.

6 thoughts on “Microsoft Offers $250K Bounty for Rustock Author

  1. Thomas

    I thought that it is a job of the police or other officials to hunt criminals.

    As a German, this looks really strange to me that a private company tries to get on them…

    1. nv

      According to Microsoft Technet this is how it unfolded, quote, “with the help of industry partners and law enforcement, taken down the notorious spamming botnet, Rustock”.

      Also, last I know: The Federal CAN-SPAM Act allows Internet Service Providers to seek relief through a court, that’s what has and is occuring.

  2. Oper207

    Na what there looking for is a stool pigeon a.k.a snitch , informant ect. 🙂

  3. Lynne

    Aww, Thomas, crowdsourcing (+ $$$) is the key to the super underground Narnia door. And Brian, I would have given you the money for being such an earnest supporter of truth & justice.

  4. nv

    I searched a bit for the English translation of the “Microsoft’s Rustock notice in The Moscow News” mentioned in this article but haven’t found it. ‘InformationWeek.com states it would also be published in the Delovoy Petersburg; didn’t find that notice either.

    Where’s a non-image copy of the notice? Ultimately what I’d like to read is a English translation?

  5. Deon Fialkov


    Well it’s a very interesting read, but I believe that there should be monetary rewards to sort out most / all hacking situations.

    Interception / modification illegally disrupts the norm and thus hackers should be punished accordingly.

    I think it’s a good reward – 250K – it definitely sounds like they will catch the people responsible. Good luck.

Comments are closed.