Feeds

Rustock zombies halved as clean-up efforts continue

Leaderless undead remotely brain-shot from Redmond

Secure remote control for conventional and virtual desktops

The zombie machines which formerly powered the infamous Rustock botnet are down to half their original number, according to Microsoft.

Redmond ran a successful takedown operation back in March that effectively knocked out Rustock's command and control nodes. That meant that infected PCs were no longer being sent spam templates or other instructions while doing nothing to alter the fact that they were contaminated with malware.

Subsequent efforts, including the addition of Rustock botnet disinfection agents to the Microsoft Malicious Software Removal tool, have reduced the number of infected hosts by more than half.

Worldwide Rustock infection rates are down from a zombie count of 1.6 million in the middle of March to 703,000 in the week ending 18 June, the latest available figures. India, the US and Turkey are the most infected countries, but the malware itself remains widely spread across the world, as explained in a blog post here.

Microsoft has pledged to continue its clean-up efforts. In the meantime it is chasing leads on the owners and operators of the botnet. The Rustock control servers were rented by two Russians - Vladimir Alexandrovich Shergin and Dmitri A Sergeev - who have each become key suspects in the case.

Rustock began operation in 2006 and, at its peak, accounted for more than 13.8 billion spam emails daily, most of which punted unlicensed pharmaceutical websites. The take down operation was the second of its type. Microsoft was also heavily involved in the takedown of the Waledac botnet in March 2010.

A Special Edition of Microsoft's Security Intelligence Report provides more information on the Rustock threat and can be found here. ®

New hybrid storage solutions

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.