Microsoft is to offer a bounty of $250,000 (£155,000) for information that results in the identification, arrest and criminal conviction of those responsible for controlling the Rustock botnet.
Microsoft was one of the companies involved in the takedown of the botnet in March, leading to a major reduction in spam for that month. According to Richard Boscovich, senior attorney of the Microsoft digital crimes unit, the reward stems from Microsoft's recognition that the Rustock botnet is responsible for a number of criminal activities and serves to underscore its commitment to tracking down those behind it.
He said: “While the primary goal for our legal and technical operation has been to stop and disrupt the threat that Rustock has posed for everyone affected by it, we also believe the Rustock bot-herders should be held accountable for their actions.
“Microsoft has already been gathering strong evidence in our ongoing investigation and this reward aims to take that effort a step further. We will continue to follow this case wherever it leads us and remain committed to working with our partners around the world to help people regain control of their Rustock-infected computers.”
Microsoft confirmed that residents of any country are eligible for the reward pursuant to the laws of that country, as Rustock affected the internet community worldwide. Anyone with information on the Rustock botnet or its operators should contact Microsoft at email@example.com.
David Harley, senior research fellow at ESET, said: “I'm not sure how much contribution Microsoft's bounties have made to the takedown of botnets and identification of cyber criminals, but I don't have a problem with their taking that approach.
“Obviously, I think the security industry has a place in the mitigation of threats by identifying and blocking malicious code, but if Microsoft can take successful botnets and gangs out of circulation by these methods, good luck to them. There's no single ‘right' way to fight crime.”
Microsoft previously offered the same bounty in February 2009 to find the controllers of the Conficker worm.