Slashdot Mirror


Microsoft Offers $250,000 Reward For Botnet Info

Orome1 writes "Microsoft decided to extend their efforts to establish the identity of those responsible for controlling the Rustock botnet by issuing a $250,000 reward for new information that results in the identification, arrest and criminal conviction of such individual(s). 'While the primary goal for our legal and technical operation has been to stop and disrupt the threat that Rustock has posed for everyone affected by it, we also believe the Rustock bot-herders should be held accountable for their actions.' Residents of any country are eligible for the reward pursuant to the laws of that country."


  1. I wonder if the $250,000 reward by h1q · · Score: 1, Insightful

    will successfully direct attention away from Microsoft's failure to secure their operating system?

    1. Re:I wonder if the $250,000 reward by RazzleFrog · · Score: 4, Insightful

      The only secure operating system is one not connected to any network, locked in a closet with no user interface.

    2. Re:I wonder if the $250,000 reward by Anonymous Coward · · Score: 1

      No one expects the Spanish Inquisition

    3. Re:I wonder if the $250,000 reward by second_coming · · Score: 2

      nothing is ever 100% secure, at least they are making an effort to shut down the spam pushers.

    4. Re:I wonder if the $250,000 reward by Anonymous Coward · · Score: 2, Insightful

      no worries.. there's always people like you to make sure the fud stays front and center..

    5. Re:I wonder if the $250,000 reward by poetmatt · · Score: 1

      Nothing has to be 100% secure. You can still make things a whole hell of a lot more secure than MS enables people to reduce things to. It's not like MS products are entirely insecure, it's more that they let users reduce their own security, which is still MS's fault.

    6. Re:I wonder if the $250,000 reward by geminidomino · · Score: 4, Funny

      Pfft. You call that secure?

      You want secure, you need to fill all USB/PS2/VGA/HDMI ports with epoxy, encase the individual HDD platters in concrete, and hide each one in a separate underground ruin guarded by an ancient eldritch horror spread across the entirety of Hyrule -- After memorizing and putting into practice all relevant entries on the evil overlord list.

      THAT'S security.

    7. Re:I wonder if the $250,000 reward by Riceballsan · · Score: 1

      Honestly it's a 50/50 mix on that, some of it is Microsoft's failure to secure their OS, but not all of it. Botnets can and will happen on any OS, security holes can and will happen on any OS. I do find Microsoft's response time to many threats downright horrific, due to a lack of proactive response. Many times security holes are announced to them, then 5 months later after they are being exploited, Microsoft begins to work on patching them. What I do find ironic here though, is Microsoft pretty much mocks Mozilla and Google for bug bounties, and here they are finding the re-active equivalent to the proactive solution. Why pay someone to solve the problem before it hurts users, let's pay them after users are being hurt.

    8. Re:I wonder if the $250,000 reward by Baloroth · · Score: 3, Informative

      And what would you prefer? The iOS way of locking everything down? Linux sure as hell lets users reduce their own security. I can easily run everything as root, under any distro I've ever used. OSX does the same. Any operating system that lets its users actually, you know, use it, will absolutely have to allow this. The easier this is to do, the better for most customers. And this will never change. Now, if it's in an administrated environment the admin can set up Linux so that the user can't compromise the system, but you can do that in Windows too. You simply cannot create a security model in the practical world that doesn't allow the primary user to lower his own security. Unless, of course, you don't let the user modify the OS or install what he wants. Which is why Apple locks down the iPhone so heavily. Or rather, tries to.

      --
      "None can love freedom heartily, but good men; the rest love not freedom, but license." --John Milton
    9. Re:I wonder if the $250,000 reward by Twinbee · · Score: 2

      You get levels though. 99% secure or 99.99999% secure is a huge difference.

      --
      Why OpalCalc is the best Windows calc
    10. Re:I wonder if the $250,000 reward by impaledsunset · · Score: 1

      A seasoned hacker will break your security with little effort. What about the disks with durable encryption that lasts for millennia with keys taken by recording data from pulsars?

    11. Re:I wonder if the $250,000 reward by geminidomino · · Score: 1

      That's because he skipped the "Evil Overlord" step. Might as well have just set it up with "admin/pass" as its credentials...

    12. Re:I wonder if the $250,000 reward by interkin3tic · · Score: 1

      will successfully direct attention away from Microsoft's failure to secure their operating system?

      Seems like they're getting almost zero attention now for it (possibly deservedly so). Hard to get much lower than zero, or even get to zero. So no, it won't, and were that the goal it would be laughable.

    13. Re:I wonder if the $250,000 reward by Flea of Pain · · Score: 1

      All over Hyrule? All you need to do is put them in the water temple. That place was just cruel.

      --
      Do not argue with an idiot. He will drag you down to his level and beat you with experience.
    14. Re:I wonder if the $250,000 reward by CharlyFoxtrot · · Score: 2

      You know what would successfully kill off all these botnets ? If MS held a "piracy amnesty day" where everyone could bring in their PC to a team of volunteer geeks and have them install a legit and fully patched version of Windows in place of the virus ridden downloaded hacked version they have. 1 day, good PR and all they need to do is eat the virtual cost of the pirated versions.

      --
      If all else fails, immortality can always be assured by spectacular error.
    15. Re:I wonder if the $250,000 reward by NeverVotedBush · · Score: 2

      Wouldn't those keys possibly repeat?

    16. Re:I wonder if the $250,000 reward by NeverVotedBush · · Score: 2

      Or, that he/she is aware of...

    17. Re:I wonder if the $250,000 reward by SCHecklerX · · Score: 4, Insightful

      Yes, but there are conservative configurations and best practices that avoid most of the problems. And Microsoft ignored these things for years. Even today, they think that inbound blocking on client systems not on a trusted domain is enough. You can go anywhere that there are windows clients (airports are great candidates), and you'll see all kinds of friggin' netbios broadcasts from machines that KNOW they are on an untrusted network. WHY?

    18. Re:I wonder if the $250,000 reward by second_coming · · Score: 1

      The main problem I would say is that the majority of PC users are completely clueless with regards to keeping their system patched and up to date let alone making sure they have decent antivirus. So unless you can ship an OS which is secure and never needs patching the problem is not going away anytime soon.

    19. Re:I wonder if the $250,000 reward by hairyfeet · · Score: 2

      Did you miss the earlier article on how Apple got iOS rooted in a single day? Or maybe the KDELook malware that went around a couple of years back? How about how to write a Linux virus in 5 easy steps?

      Protip: ALL OSes can and WILL be pwned simply because they are extremely complex interacting systems and nobody, not even Torvalds and the heads of Apple and MSFT engineering can tell you EXACTLY what every possible interaction with each subsystem will output simply because our computers do more than ever before with multicores, GPUs made up of dozens to hundreds of stream processors, and tons of third party code running on top of it all.

      As someone who fixes infected PCs 6 days a week and just got done cleaning out another security tool variant let me give you this observation from experience on where most of the malware gets into the PC...PEBKAC. The big attack vectors I'm seeing day after day, in no particular order, are: 1.- The "you want teh hot lesbos? you need to run our Iz_not_Viruz_iz_codec.exe to play teh vidz!" 2.- The "ZOMG you got teh viruz! To fix run our Iz_not_Viruz_iz_cleanerz.exe to get rid of it ZOMG!" 3.- The "Use the new Limewire (Iz_not_Viruz_iz_Limewirez) to download teh latest Titney_Spearz.mp3.exe tunez today!" and 4.- "Hey my BFF sent me a funny cat video! It says I should run Iz_not_Viruz_iz_LOLCatz to see teh kittiez!"

      As you will notice with ALL of the above you simply don't have to bother with an exploit for ANY of those, as the user IS the exploit and is the weakest link. The last major "WTF?" that MSFT had, the "Hey lets run everybody as admin!" officially died with Vista and since 7 doesn't bug the crap out of folks with "Cancel/allow?" boxes every three seconds UAC has been left on and along with low rights mode in IE and Chromium based is doing a good job, as we saw by the numbers released the other week where there are only 4 per 1000 7 machines infected VS 14 for XP.

      But as long as you have people willing to ignore or even turn off their AV (as I had the other week with a customer and the "Iz_Not_Bug_Iz_Limewire") because a malware writer waved a cookie in front of them then frankly I don't see what else can be done besides what MSFT is already doing with the free MSRT and MSE. And as we have seen with first MacDefender and now MacGuard (which doesn't even need the password anymore) on OSX and the nasty Android trojan apps it doesn't matter whether you are on an alternative OS or not, all that matters is whether or not the bad guys want in bad enough to do the work and whether you have any users who'll run "Iz_Not_Bug_Iz" style apps. Sadly I've found that WAAAY too many are more than happy to do just that. Will this bounty crap work? Who knows, I think the money would be better served paying researchers to tear the botnet's guts apart and trace their way back, but they say there is no honor among thieves.

      And I apologize about the length, I just find it incredibly ridiculous that anyone still believes ANY company, be it Apple, Google, or MSFT, can wave a magic wand and make PEBKAC disappear. There have been attempts at education (MSFT puts out plenty warning about email attachments and other major attack vectors) there have been attempts to lock the user away from anything bad (Apple) and using Linux to stop malware (Google with Android) and ALL HAVE FAILED. All you can do is cut down the risks as best you can and be ready to clean up the mess when Forrest Gump ignores you to "see teh tittiez!"

      --
      ACs don't waste your time replying, your posts are never seen by me.
    20. Re:I wonder if the $250,000 reward by LordLimecat · · Score: 1

      You can go anywhere that there are windows clients (airports are great candidates), and you'll see all kinds of friggin' ARP broadcasts from machines that KNOW they are on an untrusted network. WHY?

      FTFY. And yea, those broadcasts are really an indicator of terrible security.

    21. Re:I wonder if the $250,000 reward by Stan92057 · · Score: 1

      Not when we have anti MS zealots as yourself they won't LOL

      --
      Jack of all trades, master of none
    22. Re:I wonder if the $250,000 reward by DeeEff · · Score: 1

      You wouldn't be talking about GNU/Hurd would you?

    23. Re:I wonder if the $250,000 reward by parlancex · · Score: 1

      Has / does Windows have security problems? Sure, but I disagree that you can blame Microsoft for everything.

      Does anyone remember the huge outcry and fear and tinfoil hatting when it was announced that Windows 7 would require driver signing by default? Microsoft gets blamed for anything that takes away control of the computer from the end user, but they also get blamed for the results of whatever every stupid end user happens to do.

      If you even think that secure defaults would prevent these kinds of problems you have probably never worked in IT. Users will click and ignore and install and agree to anything that stands between them and whatever goat porn / Rebecca Black garbage bullshit they want to download.

    24. Re:I wonder if the $250,000 reward by Gripp · · Score: 1

      I could still solder in a connection :) want real security? strong magnets + hammer + steamroller + dog urine + >2000 degree inferno. that should do the trick. no one will EVER get the info off that drive again :)

  2. Re:Veto threat against House GOP debt plan by Anonymous Coward · · Score: 1

    What?

  3. would love to see some statistics on this by v1 · · Score: 1

    I wonder if they rake in 250k a month (or week) renting such a botnet? May start leading to some entertaining extortion...

    --
    I work for the Department of Redundancy Department.
    1. Re:would love to see some statistics on this by c6gunner · · Score: 1

      I wonder if they rake in 250k a month (or week) renting such a botnet? May start leading to some entertaining extortion...

      Well ...

      1. It's a REALLY bad idea to try and extort criminals.

      and

      2. Personally, I'd rather report it to Microsoft anyway. $250k is a big enough reward to allow morality to win out over greed ;)

    2. Re:would love to see some statistics on this by v1 · · Score: 1

      1. It's a REALLY bad idea to try and extort criminals.

      It's also a really bad idea to do something that lands a $250k bounty on your head. But they do it anyway because it's get-rich-quick. Besides, it's going to be more criminals doing the extorting, they're used to shady, dangerous deals.

      It'll happen. Or it'll get tried. Probably more than once. At the very least, it'll raise the herder's paranoia a notch or two. (and I mean in the plural, these nets aren't being run by some recluse in his basement, these are like little sweatshops with a dozen+ involved) Even that alone could help - you get a group of 4 or 5 already nervous criminals a bit more on edge and there's bound to be some paranoia-driven backstabbing getting kicked up. And that can only help resolve the problem more quickly.

      --
      I work for the Department of Redundancy Department.
  4. Re:He's somewhere on earth. by Forty Two Tenfold · · Score: 4, Funny

    In some bank.

    --
    Upward mobility is a slippery slope - the higher you climb the more you show your ass.
  5. Get a rope! by sneakyimp · · Score: 1

    That there's some seeeeerious cash. Obviously, it's time to form us up a posse and find these mofos. Who's in boys (and girls)??!!

  6. This a Faustian bargain, isn't it? by elrous0 · · Score: 3, Insightful

    Let me guess, you get the $250,000 in pennies? Or maybe you get it, only to die an hour later?

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
    1. Re:This a Faustian bargain, isn't it? by v1 · · Score: 1

      Let me guess, you get the $250,000 in pennies?

      No they'll send you a money order. And some recommended places to invest some of it.

      --
      I work for the Department of Redundancy Department.
    2. Re:This a Faustian bargain, isn't it? by Jeng · · Score: 1

      Any penny made during 1982 and later is only copper coated zinc.

      Not nearly as valuable.

      --
      Don't know something? Look it up. Still don't know? Then ask.
    3. Re:This a Faustian bargain, isn't it? by Ruke · · Score: 2
      Wikipedia:

      As of January 14, 2011 the metallurgical value of the copper in pre-1982 bronze and brass cents is 289% of their face value. Post-1982 copper plated zinc cents have a metallurgical value of 64% of their face value.

      Have fun with your 62,500 kilograms of dead weight.

    4. Re:This a Faustian bargain, isn't it? by Bad_Feeling · · Score: 1

      Actually, if you read the fine print, it's $250,000 of Vista CDs.

      --
      Disclaimer: On the other hand, I am kind of a psycho...
    5. Re:This a Faustian bargain, isn't it? by DeeEff · · Score: 1

      Well, we can always take solace in the fact it wasn't Windows ME....

  7. The Ultimate Irony by tgeek · · Score: 1

    Wouldn't it be the ultimate irony if Rustock reared up and shut down Microsoft's reward/bounty site? If I had a spare $250k laying around I'd pay to see that.

    1. Re:The Ultimate Irony by Anonymous Coward · · Score: 2, Insightful

      If I had a spare $250k laying around I'd pay to see that.

      With that sort of priority, it shouldn't be any surprise that you do not have a 'spare $250K laying around', in the first place.

  8. I got it. by 140Mandak262Jamuna · · Score: 2

    That botnet is run by a rogue newspaper called News of The World, and the ring leader is one James Murdoch. Where do I collect my reward?

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
  9. Cheaper than... by Synerg1y · · Score: 1

    Hiring a security team/ firm to go do it for them. But Microsoft forgets... the internet community hates you, maybe they could enlist the fine people who made Windows Vista as a reminder.

  10. nice try by lpaul55 · · Score: 2

    Not every problem can be solved by throwing money at it, as Murdoch has learned.
    Does Micro$oft have any other resources that could be applied to the problem?

    --
    ... now back to the bit mines.
    1. Re:nice try by Ruke · · Score: 5, Insightful

      On the other hand, a lot of problems can be solved by throwing money at them. If I "knew a guy" who ran a botnet, you can bet that I'd sell his ass to Microsoft for five years' salary.

    2. Re:nice try by Rakarra · · Score: 1

      On the other hand, a lot of problems can be solved by throwing money at them. If I "knew a guy" who ran a botnet, you can bet that I'd sell his ass to Microsoft for five years' salary.

      Your salary sucks.

      Maybe, but hardly unusual for those who work outside the tech sector.

    3. Re:nice try by Ruke · · Score: 2

      Maybe it does. On the other hand, maybe I'm just efficient at being happy.

    4. Re:nice try by elashish14 · · Score: 1

      Isn't this really similar to the program where they get disgruntled ex-employees to report incidents of pirated software in the workplace?

      --
      I have left slashdot and am now on Soylent News. FUCK YOU DICE.
    5. Re:nice try by jira · · Score: 1

      Well, they can always "Ask Slashdot". There seems to be a lot of experts (at least on what MS should/should not do).

  11. I don't suppose by mswhippingboy · · Score: 2

    a $250,000 reward for new information that results in the identification, arrest and criminal conviction of such individual(s)

    I don't suppose "MS, your security sucks" would qualify as new information, although that's "who's" ultimately responsible for the success of this botnet. Oh well.

    --
    Sometimes the light at the end of the tunnel is the headlight of an oncoming train.
    1. Re:I don't suppose by c6gunner · · Score: 1

      I don't suppose "MS, your security sucks" would qualify as new information, although that's "who's" ultimately responsible for the success of this botnet. Oh well.

      Thank you for that "information". Your reward is a free kick in the balls with a frozen mukluk. Please post your address in a followup comment. Expedited delivery is available at a cost of $15. Thank you.

  12. nice red herring by sl4shd0rk · · Score: 2

    Focus blame on bot herders, no need to fix software problems.

    --
    Join the Slashcott! Feb 10 thru Feb 17!
    1. Re:nice red herring by Samurai Nigel · · Score: 1

      Focus blame on a ten year old operating system that people refuse to update or replace, not on the people out there exploiting it.

    2. Re:nice red herring by Locutus · · Score: 1

      and it's cheap too. What fool would expect Microsoft to tell you the information you just gave them was "new"? Why does it remind me of their method of filing patents? Like everything else from them, it's more likely to be just another PR stunt. IMO

      LoB

      --
      "Anyone who stands out in the middle of a road looks like roadkill to me." --Linus
    3. Re:nice red herring by Joce640k · · Score: 1

      Focus blame on users who click "yes" to any old popup window (it could happen on any OS no matter how secure).

      It will be interesting to see what happens next. Huge bounties followed by a well publicized trial where people go to prison might actually work to deter other wannabe botnet makers.

      --
      No sig today...
  13. hmmm money by zAPPzAPP · · Score: 1

    Maybe they give me 10$ for linking to this news.

    Time for the botnet owner to cash in with some new, yet unthreatening info?

  14. The only problem is... by MHolmesIV · · Score: 1

    The money is currently tied up in Escrow after the PRINCE died, and we need your help to LIBERATE it. For your efforts, WE will pay you THE SUM OF $250000 (TWO HUNDRED AND FIFTY THOUSAND US DOLLARS).

    Send your Name, Address, Social Security Number, a recent photo, and your Bank account info to:
    MICROSOFT RUSTOCK INFO
    C/O MR SIPHO DLAMINI
    512 MAIN STREET
    ABUJA, NIGERIA

    Also, we will send you a free sample of our new herbal PEN?IS ENLARGEMENT system.

  15. Spamhaus is a good start... by Eggplant62 · · Score: 1

    One wonders, are they working at all with Steve Linford and Spamhaus? If not, why not? I know of no other well-researched collection of information, nor any other man well versed in who's sending spam.

  16. Finally....woot woot to M$ by hesaigo999ca · · Score: 1

    I have to applaud their strategy...let the coders doing all the work for the criminals, give in of the source code for some dough for a great relocation to some hot palm tree filled island...in the mean time giving away trade secrets belonging to the underground cybermafia....to totally devastate their revenue stream, and this will be superb! I can't wait till they start doing it.....

  17. The key word here is "new" by Psicopatico · · Score: 1

    *ring*
    - Hi, I'm Bob from Microsoft Happy Hunting Customer Care. How can I help you?
    - Hi, the name of the Rustock botnet master is "John Doe". Now let's talk about the 250K$...
    - I'm sorry Sir, but we already knew that, so no bucks for you. Have a nice day!

    --
    Mastering the English language is fucking easy: all you have to do is to put an f* word in every fucking sentence.
  18. Do I win the $250,000? by RobertM1968 · · Score: 1

    Bill Gates/Steve Ballmer and teams...
    1 Microsoft Way
    Redmond Washington

    So... do I win?

    </end poor attempt at humor>

  19. Coincidence? by Boawk · · Score: 1

    The patent for Clippy is reportedly valued at $250,000.

  20. pretty bad terms by Bram Stolk · · Score: 1

    I don't think they made the terms-of-payment very attractive to the would be informant.
    They want identification, arrest and conviction. Yeah, right! Those kind of rewards never pay out.
    If I could finger someone, I would not trust to see it through to conviction and get the money.
    Especially if the perpetrator is in China or Russia.
    Do you think it would ever lead to conviction in that case, even if the culprit is known?
    Microsoft should be a lot more bold here, and award the 250K for the identification.
    Or maybe even split it up: 100K for identification, 100K for arrest and 100K for conviction.

    --
    Bram Stolk http://stolk.org/tlctc/
  21. CUDA Trojan in wild... by user flynn · · Score: 1

    Need to keep an outdated graphics card to be safe.

    --
    In the distance you hear an ominous moo.
  22. Fixed by sycodon · · Score: 1

    "Microsoft decided to extend their efforts to establish the identity of those responsible for controlling the Rustock botnet by issuing a $250,000 reward for new information that results in the identification, apprehension and crucifixion of such individual(s).

    There. That's what they should have said.

    --
    When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
  23. I wonder... by DeeEff · · Score: 1

    If you happened to be a botnet owner, and you turned yourself in to Microsoft, would they pay your lawyer fees and bail as well?

    Just saying, some of the smaller botnets could make a lot of money that way.....