Rustock: civil case closed

Microsoft has officially announced that our civil case against the operators of the Rustock botnet (a major source of spam) has been closed and our teams have turned over the information we’ve gathered to the FBI.

The Rustock botnet is considered one of the largest sources of spam on the Internet and our case is helping to reduce the effects of the botnet and ensure that it will never be used for cybercrime again.

Learn how to clean an infected computer and help protect your PC with botnet protection and avoid malware.

What is the Rustock botnet?

The Rustock botnet is a network of infected computers controlled by cybercriminals and used for spam, fraud, and other cybercrime. The owners of infected computers probably had no idea that their computer was being used to send spam.

What did the Rustock botnet do?

Most of the spam messages generated by the Rustock botnet promoted counterfeit or unapproved generic pharmaceuticals from unlicensed and unregulated online drug sellers.  Rustock spam also used Microsoft’s trademark to promote these drugs. In another scheme, Rustock-generated email lured people into lottery scams in which spammers attempted to convince people that they had won a lottery. The victims were told that they needed to send the spammers money to collect the larger lottery winnings. 

Help protect yourself against these kinds of email and web scams.

Microsoft is offering a $250,000 reward for information that leads to the arrest and conviction of Rustock’s operators. Any tips should be sent directly to the FBI at

More information about the Rustock botnet

About the Author
Eve Blakemore

Group Manager, Trustworthy Computing

Eve Blakemore is a Group Manager for Trustworthy Computing who delivers consumer guidance around the latest trends in security and privacy. Eve joined Microsoft in 1998 and has worked in corporate and field roles with Microsoft Learning, US Public Sector, Read more »

Join the conversation

  1. Anonymous

    Thank you very much.

  2. Anonymous

    Thanks Microsoft for your help and being on the ball with this problem

Comments are closed.