Microsoft Chasing after Rustock botnet Admins


With everyone busily analyzing Microsoft’s first public demonstration of Windows 8 and anticipating a first taste for developers this fall at the BUILD conference in Anaheim, one of the company’s biggest security-related accomplishments has been largely forgotten. Back in March, Microsoft scored one of the biggest victories against cybercriminals ever recorded when it successfully crippled the Rustock botnet.

Microsoft isn’t done, however. In addition to making sure Rustock doesn’t reanimate itself, the company is actively seeking out those who were responsible for the botnet’s operations. While no arrests have been made yet, Microsoft has filed subpoenas for individuals tied to 11 IP addresses. Senior Microsoft attorney Richard Boscovich remains optimistic that the as yet unknown defendants will make themselves known, but was quick to add that the company will continue its pursuit regardless — possibly by bringing the matter before the Russian judicial system.

One individual’s identity has been uncovered thus far: Vladimir Alexandrovich Shergin, a resident of Khimki who was connected with a WebMoney account that provided funding for Rustock’s command and control network. A second individual, who used the handle “Cosma2k”, was also named, though his or her real identity remains a mystery at this point.

Regardless of the outcome, Microsoft’s double-tap seems to have done the trick, reducing the amount of pharmaceutical spam in our inboxes to much more tolerable levels than what we were subjected to prior to the takedown.

About Faisal Ebrahim

Tech enthusiast, IT & Cybersecurity consultant & Sales manager. I'm passionate about staying ahead of the curve on emerging technologies, including EVs, AI, robotics, and the metaverse. For over 15 years, I've explored and shared these innovations on my blog,
