Microsoft Searched For Botnet Founder in Russia


Prime VIP

The largest software empire in the world, Microsoft keeps pushing into Russia in its attempts to find the botnet herders who established Rustock. The company had to place quarter-page notifications in 2 Russian newspapers. This was required as a legal formality for the Microsoft’s ongoing lawsuit in the United States against Rustock creators.

The adverts are aimed at notifying the unnamed defendants in the lawsuit and providing them with an opportunity to make their case in the court of the United States. Actually, it’s very unlikely that whoever associated with one of the largest botnets in the world would suddenly realize that they are being pursued in the United States and decide to immediately go there in order to hire the sharpest and most expensive attorneys to defend.

The software empire has launched a lawsuit in the American District Court for the Western District of Washington. The case was filed against eleven unnamed defendants who are still unidentified by Microsoft.

The advertisements will run for one month in the two largest Russian cities: “The Moscow News” at the country’s capital and in “The Busy Petersburg” at St. Petersburg, aka the Northern capital of Russia.

Richard Boscovich, a senior attorney with the company’s Digital Crimes Unit admitted in his blog that it’s unlikely that the individuals associated with the IP addresses and domain names related to the Rustock botnet ever come forward. Nevertheless, Boscovich is hoping that the defendants will emerge from the woodwork. In case they don’t, the software giant will keep pursuing them, even within the judicial system of the Russian Federation, if necessary.

Although nobody has been prosecuted yet for operating Rustock, the botnet itself remains nonfunctional, while the numbers of infected PCs containing its code keeps falling. The company has managed to identify a Webmoney account used to pay for some of the Rustock funds. The account was owned by Vladimir Alexandrovich Shergin from Khimki, a Moscow suburb. At the moment the company is trying to learn whether this information is true. In addition, there was also an individual nicknamed "Cosma2k", who was reported to sign up for equipment that was used for command-and-control servers of the botnet. Apart from Cosma2k, the guy also used the names Artem Sergeev, Dmitri A. Sergeev, and Sergey Vladomirovich Sergeev.