Microsoft Found 400,000 Compromised E-mails

*Genius*

During the Rustock takedown, Microsoft insecurity experts discovered hundreds of thousands of compromised e-mail addresses stored on the Rustock servers.



Microsoft confirmed that over 400,000 e-mail addresses were found on a hard drive seized during the raid at Rustock. The database of compromised e-mail addresses is suspected to have been used for nicking credit card numbers.

The experts have also claimed at the District Court of the United States for the Western District of Washington that they were able to provide more evidence that the seized servers had acted as an integral part of the spam dissemination campaign of the botnet.

Microsoft confirmed that the hard drives contained custom software designed for assembling spam messages and text files, which contained information about thousands of e-mail addresses and combinations of user names and passwords. In addition, the experts found evidence that the gang had used stolen credit card numbers to pay for hosting and e-mail services. One of the text files found had over 427,000 e-mail addresses.

The company also found proof that the founders of Rustock were based in the Russian Federation. First of all, the name of the service (Rustock) was already a giveaway, and some payments for the hosting services were traced to a certain Webmoney account. In fact, it was Webmoney that helped the experts trace the account, which is owned by Vladimir Alexandrovich Shergin. The individual appeared to reside in the Moscow suburb of Khimki.

The software giant said its insecurity experts are still working to find out whether the revealed name and contact data are authentic. Microsoft is also going to find out whether this was a stolen identity or whether this person was really associated with the activity of the Rustock gang.

However, tracing the source of the botnet seems to be difficult, because most of the twenty hard drives seized during the raid at Rustock were used as Tor nodes in order to anonymize online traffic. In other words, finding out any information about them will be quite tricky.

 