Thousands of Australians who were conned into trying to buy fake Viagra made in China and India online, or who responded to “lottery win” email messages only to find that they were fake, have Microsoft to thank for a major crime operation that brought down a company responsible for 41 percent of all spam and for sending out 32 million spam messages a minute.
On Friday, Microsoft said that a recent “crime” operation involving drug company Pfizer had resulted in the notorious international botnet company Rustock being crippled by the software company.
Rustock was responsible for sending billions of spam messages with pitches to sell Viagra and other prescription drugs, and is believed to have conned hundreds of Australians with fake emails.
Microsoft said the Rustock botnet had infected millions of computers and was sending out fake Microsoft lottery scams and offers to sell fake prescription drugs.
Richard Boscovich, senior attorney with the Microsoft Digital Crimes Unit, said on Friday night: “I’m happy to announce that based on the knowledge gained in that effort, we have successfully taken down a larger, more notorious and complex botnet known as Rustock. This botnet is estimated to have approximately a million infected computers operating under its control and has been known to be capable of sending billions of spam mails every day, including fake Microsoft lottery scams and offers for fake – and potentially dangerous – prescription drugs.”
The Microsoft operation came to light after a recent US court case, which resulted in computers and servers being seized at internet hosting facilities.
The internet hosting companies were unaware that their computers had been taken over by Rustock.
According to court documents, Microsoft worked with drugmaker Pfizer, the network security provider FireEye and security experts at the University of Washington to catch the company.
Microsoft also worked with law enforcement in the Netherlands to help dismantle part of the botnet’s command structure that was operating outside of the United States. Microsoft worked with CN-CERT in blocking the registration of domains in China.
Microsoft released sealed federal court documents that detail how Microsoft worked with Pfizer to tackle the botnet. The details in the documents also outline why it is difficult to bring down these elusive robot networks, which can infect millions of unsuspecting computers and send out spam or viruses.
According to one document, Microsoft provided Pfizer with five spam samples that Microsoft said were from Rustock.
In the court document, Patrick Ford, a senior director with Pfizer’s security division, said the spam was exposing unsuspecting patients to the risk of receiving counterfeit or unapproved drugs, including Viagra.
According to Tech Flash, a Seattle-based web company, Pfizer hired a consultant to buy Viagra from five websites identified from the spam forwarded by Microsoft. According to Ford’s court statement, each spam email had a separate URL, but the vendor was redirected to the same open license program — doctorroe.com — to complete each purchase.
The Wall Street Journal also reported that Pfizer sent the purchased Viagra to the company’s lab, which determined three Viagra purchases were counterfeit, produced in China. Two others were unapproved generic versions made in India.
Pfizer also bought Viagra in Australia, England and France from the spam emails. Those samples of Viagra were made in Hong Kong.
Update: Microsoft sought to unseal court documents in federal court in Seattle following media reports about the botnet. The documents said that after Rustock was taken down, internet security researchers who monitor spam detected that Rustock’s spam levels dropped to almost zero Wednesday morning in the middle of a massive spam campaign.