Microsoft puts £155,000 bounty on botnet operator

Software giant Microsoft has offered a $250,000 (£155,000) reward for information leading to the capture and arrest of the criminals behind the Rustock botnet.

Writing on his blog, Richard Boscovich, senior attorney, Microsoft Digital Crimes Unit, explained that the company had previously notified the criminals of its capture of the botnet.

"After publishing notices in two Russian newspapers last month to notify the Rustock operators of the civil lawsuit, we decided to augment our civil discovery efforts to identify those responsible for controlling the notorious Rustock botnet by issuing a monetary reward for $250,000 in return for new information that results in the identification, arrest and criminal conviction of such individual(s)."

Since Microsoft in effect gained control of the botnet as part of its efforts to take it offline, it is obliged to serve public notices giving the domain owners the opportunity to identify themselves.

However, given that they would immediately be arrested, they are unlikely to come forward.

Before Microsoft forced the network offline in March of this year, Rustock was the largest spam botnet ever discovered, capable of sending around 25,000 spam messages per hour from its 2.4 million PCs.

A botnet is a network of PCs infected with malware which means they can be controlled remotely. They are largely used to disseminate spam messages, and sometimes other malware.

Users inadvertently download the malware required to turn their PCs into a 'bot', or part of the criminal network', by clicking malicious links or unwittingly allowing malicious programmes to run.

Working in tandem with US law enforcement agents, Microsoft took the botnet down on March 16 2011, in what it terms Operation b107.