The world's biggest software company said its legal action against the operator of the Rustock 'botnet' -- or network of infected computers programed to send spam e-mail -- led to raids across the country on Thursday which effectively shut the network down.
Tech security bloggers who follow the activities of botnets worldwide noticed earlier on Thursday a sharp dip in spam e-mail coming from the Rustock network, which some estimate is responsible for almost half of the spam appearing in inboxes. However, they warned that total eradication requires long-term efforts.
After getting the go-ahead from federal court in Seattle, where Microsoft had filed a lawsuit against the botnet's operators, the company said it worked with the U.S. Marshals Service to raid hosting providers in seven U.S. cities early on Thursday, including Denver, Dallas, Chicago, Seattle and Columbus.
With help from the upstream providers, we successfully severed the IP addresses that controlled the botnet, cutting off communication and disabling it, said Richard Boscovich, senior attorney at Microsoft's Digital Crimes Unit in a blog post on Microsoft's site.
This case and this operation are ongoing and our investigators are now inspecting the evidence gathered from the seizures to learn what we can about the botnet's operations.
Microsoft thinks there may be a million computers infected with Rustock malware, sending out as many as 30 billion spam e-mails per day, without their users' knowledge.
Botnet operators get access to the computers through 'malware' downloaded onto PCs usually through an advertisement on a website.
The Rustock network was responsible for many of the fake lottery scam and pharmaceutical offers that e-mail users have become familiar with.
Microsoft said it was now working with Internet service providers and response teams around the world to help users get the Rustock malware off their computers.
(Reporting by Bill Rigby; Editing by Richard Chang, Bernard Orr)