Eideard

The Rustock botnet, which sent up to 30 billion spam messages per day, might have been run by two or three people. Early analysis, following raids to knock out the spam network, suggest that it was the work of a small team.

Rustock was made up of about one million hijacked PCs and employed a series of tricks to hide itself from scrutiny for years.

Since the raids on the network’s hardware, global spam levels have dropped and remain relatively low.

“It does not look like there were more than a couple of people running it to me,” said Alex Lanstein, a senior engineer at security firm FireEye, which helped with the investigation into Rustock…

He said that the character of the code inside the Rustock malware and the way the giant network was run suggested that it was operated by a small team…

Rustock evaded capture for years because of the clever way it was controlled, he said. Victims were snared when they visited websites seeded with booby-trapped adverts and links.

Once PCs were compromised, updates were regularly pushed out to them using custom written encryption. Those downloads contained the spam engine that despatched billions of ads for fake pharmaceuticals…

“When you are a programmer and you realise that you have the full force of the Microsoft legal department pointed directly at you, then you might say to yourself its time to try something else,” he said.

Any bets on whatever they do for grins, giggles and geedus, next – is legal? Once you get hooked on higher returns from crime it’s difficult to accept less.

An internet firm linked to many of the internet’s criminal gangs has been shut down.

The US Federal Trade Commission said Belize-based 3FN aided gangs that ran botnets, carried out phishing attacks and traded in images of child abuse.

The servers and net hardware of 3FN have been seized and are due to be sold off as the firm is dismantled.

The operators of 3FN must also pay back $1.08 million they are reputed to have made by hosting criminal sites…

It was involved in distributing spyware, viruses and trojans, had a hand in many phishing schemes and helped gangs sell illegal images. It also acted as a discussion forum for many spammers.

In particular, said the FTC, the net firm worked with fraudsters who run botnets and helped them steal data by seeding hijacked computers with keyloggers. It maintained a library of more than 4500 malicious programs that could pilfer data from hijacked PCs.

In June last year, the FTC used an injunction to cut 3FN off from other hosting providers and sever its connections to the net.

Now the FTC has gone a step further and won a court order that will see the company stop trading and its hardware confiscated. The FBI has been ordered to carry out the shut down and seizure operation.

Overdue.