Rustock Reigned In

Chalk up a big win for the white hats in the ongoing cyberwar against the evil spammers.

Good guys take down notorious Rustock spamming botnet

Rustock, one of the largest and most notorious spam botnets, suddenly fell silent Wednesday and has remained off line.

The takedown of Rustock’s 26 command-and-control servers appears to be the result of a coordinated effort by longstanding anti-spamming groups, the most prominent of which is Spamhaus.org, according to cybersecurity blogger Brian Krebs, who broke the story.

Rustock’s control servers directed the activities of hundreds of thousands of infected PCs in homes and businesses, used primarily to deliver e-mail and social network messaging spam. Rustock is infamous for spreading ads for drugs from unlicensed online pharmacies.

Details of how the takedown was achieved are unclear; Rustock’s control servers were renowned for being nigh impregnable.

Rustock has been around for at least three years, and late last year had doubled its spam output over the previous year; in 2010, Rustock sent out more than 44 billion spam emails per day, accounting for as much as 48% of all spam, and had more than one million bots under its control, according to MessageLabs, Symantec’ messaging security division.

See also:
Rustock Botnet Flatlined with No Spam Activity
Notorious Spamming Botnet, Rustock, Takes a Fall
Rustock botnet’s operations disrupted
Major spam network silenced mid-campaign
Rustock botnet goes quiet again
The World’s Largest Spambot Network Goes Quiet
Prolific Spam Network Is Unplugged
Prolific Spam Network Is Unplugged
Rustock Botnet is Down, But Maybe Not Out
Rustock botnet

It still amazes me how the botnet spammers find hundreds of thousands of computers to infect. If everyone would just keep their software patches up to date, botnets wouldn’t be a problem in the first place. It’s like leaving the front door to your house wide open with a sign that says “burglars welcome”.

/one of the biggest upshots of the Rustock takedown is that if you want to buy Viagra or other erectile dysfunction drugs in the future, you’re going to have to go see your doctor, because the spam offers will hopefully no longer flood your email inbox

Spam, Spam, Not So Wonderful Spam

Oh sure, he’s an “ambulance chaser”. But hey, in this case, the ambulance deserves to be chased.

Man quits job, makes living suing e-mail spammers

Daniel Balsam hates spam. Most everybody does, of course. But he has acted on his hate as few have, going far beyond simply hitting the delete button. He sues them.

Eight years ago, Balsam was working as a marketer when he received one too many e-mail pitches to enlarge his breasts.

Enraged, he launched a Web site called Danhatesspam.com, quit a career in marketing to go to law school and is making a decent living suing companies who flood his e-mail inboxes with offers of cheap drugs, free sex and unbelievable vacations.

“I feel like I’m doing a little bit of good cleaning up the Internet,” Balsam said.

. . .

Still, Balsam settles enough lawsuits and collects enough from judgments to make a living. He has racked up well in excess of $1 million in court judgments and lawsuit settlements with companies accused of sending illegal spam.

His courtroom foes contend that Balsam is one of many sole practitioners unfairly exploiting anti-spam sentiments and laws. They accuse him of filing lawsuits against out-of-state companies that would rather pay a small settlement than expend the resources to fight the legal claims.

. . .

Balsam certainly isn’t the average Internet consumer.

When San Mateo Superior Court Judge Marie Weiner in March ordered Trancos Inc. to pay Balsam $7,000 for sending spam that recipients couldn’t stop, she noted that he has more than 100 e-mail addresses.

See also:
Anti-Spam Crusader Dan Balsam Takes on ‘Cheating Wives,’ Other Spammers
Man Quits Job, Makes Living Suing E-Mail Spammers
Daniel Balsam, the Man Who Quit His Job to Make a Living Suing Spammers
Daniel Balsam Job: Suing Email Spammers
The Man Who Makes His Living Suing Email Spammers
Man Quits Job; Now Makes Millions Fighting Spam
Daniel Balsam, Anti-Spam Crusader
Daniel Balsam, the Man Who Quit His Job to Make a Living Suing Spammers
Calif marketer goes to law school to sue over spam
Breast-Enlargement E-Mail Spurs Marketer Into Law School and Anti-Spam Practice
Calif marketer goes to law school to sue over spam
San Francisco attorney on crusade to end spam
DanHatesSpam.com

So, Balsam maintains hundreds of e-mail addresses to deliberately collect spam and then turns around and sues the senders for sending him the spam. Talk about you niche law practice. It’s not the most ethical and noble way to use a law degree to make a living, but the spammers are worse and they’re the one’s violating the law.

/pretty harmless as far as “ambulance chasers” go, at least Balsam isn’t filing frivolous lawsuits against legitimate companies

We’re Number One, We’re Number One!

This is why it’s important to keep your computer security up to date.

US Ranks First for Bot-Infected Computers and Spam Output

According to data gathered by Microsoft’s Malicious Software Removal Tool (MSRT), the United States had the highest number of computers infected with botnet malware, during the first half of 2010.

Botnet are armies of infected computers, which connect to remote command and control (C&C) servers and listen to instructions from attackers.

Botnets can serve a variety of criminal activities, but the largest ones are primarily used to send spam.

According to a recent report from Symantec, during the first half of the year, 90% of the daily spam traffic was generated by five to six million compromised computers.

In the latest edition of its Security Intelligence Report (SIR), Microsoft reveals that during Q2, MSRT has cleaned 2,148,169 bot infections from US computers.

That’s four times more than in the second country on the list, Brazil, with 511,002. Spain (485,603), Korea (422,663) and Mexico (364,554) complete the top five.

“Unsurprisingly, the list is dominated by populous locations with large numbers of computer users, led by the United States and Brazil,” says Microsoft.

However, there are at least two regions with large numbers of computers that do not dominate the list – China, which finished 8th, and Russia, 9th.

See also:
Featured Intelligence – Battling Botnets
USA Is Still #1 In Botnets
United States Ranked Number One for Relaying Spam, Sophos Reports
Report: United States is world’s top spammer
US Has Most Botnet-infected PC’s
Microsoft Report: 2 Million US PCs Part of Botnets
Microsoft: Over 2 million U.S. PCs caught in botnets
Millions Of US Computers Completely Pwned By Botnets
Microsoft: Your Computer Could be One of 2.2 Million Infected Botnet PCs
Microsoft: Botnets are the ‘launch pad of cybercrime’

If you’re not sure whether you have an infected computer, run Microsoft’s Malicious Software Removal Tool (MRT). Go to Start/Run and then type in “mrt”.

/if you’re not part of the solution, you’re part of the problem