Microsoft late yesterday took its pursuit of the cyber criminal gang responsible for the Rustock botnet a step further.
It announced a $250,000 reward to anyone with information that could help its Microsoft Digital Crime Unit (DCU) with investigations in pursuit of a civil lawsuit against the gang.
After publishing notices in two Russian newspapers last month to notify the Rustock operators of the suit, Richard Boscovich, Microsoft Digital Crimes Unit senior attorney announced the reward incentive on the Official Microsoft blog late yesterday.
He said the money would be paid to anyone with new information that could lead to the identification, arrest and criminal conviction of the gang’s members.
“This reward offer stems from Microsoft’s recognition that the Rustock botnet is responsible for a number of criminal activities and serves to underscore our commitment to tracking down those behind it,” he wrote.
Microsoft already took credit in March for disrupting the mega botnet that, by the end of last year, was responsible for nearly half of all spam.
The DCU also reported earlier this month that the operation, known as Operation b49, to sever connections to Rustock’s central servers had halved the scale of infection of known IP addresses.
“There are still hundreds of thousands of infected computers around the world yet to be cleaned of the botnet malware,” Boscovich warned.
Before the DCU operation, not only did Rustock have the capacity to send 30 billion spam mails every day, Microsoft said it was responsible for a number of other crimes as well. These included advertising counterfeit or unapproved versions of pharmaceuticals, and violating the trademarks of the pharmaceutical manufacturer Pfizer and Microsoft.
“We also believe the Rustock bot-herders should be held accountable for their actions,” Boscovich added.
Microsoft is offering free information and resources to clean up the systems of users who suspect their computers have been infected by the Rustock malware.
Paul Ducklin, head of technology in Asia Pacific for security software firm Sophos, pointed out Microsoft has been offering the same size rewards for information leading to cyber criminal gangs for some years now.
“Rewards like this aren't new to Microsoft – nearly eight years ago, the software giant announced a $5 million fighting fund to encourage people to dob in their virus-writing chums,” he wrote in a blog yesterday.
But Ducklin questioned the effectiveness of the tactic, saying the reward’s monetary value nowadays paled into insignificance against the potentially vast sums of money cyber crooks can now make.
This article originally appeared at itpro.co.uk
