
Rustock botnet mysteriously goes dark


The shady world of botnets and malware distribution is always full of surprises, and few of them are pleasant. However, a recent development might just fall into that category: security researchers have noted that the command-and-control servers that manage the infamous Rustock botnet have gone offline. Rustock is one of the largest sources of email spam on the Internet, and its newfound silence has created a significant decline in the amount of spam in circulation. Some estimates say Rustock is responsible for as much as 40 percent of the world’s spam.

The silence was first noted by security reporter Brian Krebs. At this point, there is no consensus amongst security researchers about why the network has gone silent: it’s possible that security researchers managed to take it down, that it got into a dispute with connectivity providers, or that it had simply been abandoned by its operators. It’s also possible Rustock’s operators are simply retooling the system, or perhaps have just taken an extended holiday: Rustock has had quiet periods before, only to roar back as strong as ever.

“Whatever the reason, let’s hope this one sticks,” wrote M86’s Phil Hay. “Previous attempts at botnet shutdowns have tended to be short lived as the botnet herders simply regroup and start again. It’s too early to say bye bye Rustock, but the thought is certainly nice.”

Rustock had been linked to Spamit.com, a Russian operator known for hosting services heavily promoted in spam messages, such as the company behind many of the “Canadian pharmacy” spam campaigns, GlavMed. Spamit.com shut down in October 2010.

In the last year, security researchers have struck some major blows against botnets and spammers, including the Waledac, Pushdo, and Bredolab botnets. However, botnets tend to re-emerge as operators take over old code and make modifications to bring new botnets online. For instance, Microsoft helped coordinate an unusual court-authorized action to take out Waledac back in early 2010…and a year later, Waledac was back on the move.


Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…