It was the first time Microsoft used its malware bounty program since February 2009, when it offered the same amount for the people responsible for the fast-spreading Conficker worm.
Although Microsoft published legal notifications in Russian newspapers last month -- a legal formality designed to give potential defendants an opportunity to respond to charges -- it has not identified the "John Does" named in a U.S. federal lawsuit.
Microsoft 70-599 announced the reward early Monday in a blog written by Richard Boscovich, a senior attorney with the company's digital crimes unit. Microsoft also posted a reward document (PDF) that included an email address for tipsters.
"We decided to augment our civil discovery efforts to identify those responsible for controlling the notorious Rustock botnet by issuing a monetary reward in the amount of $250,000 for new information that results in the identification, arrest and criminal conviction of such individual(s)," Boscovich wrote.
Microsoft kicked off a takedown of Rustock in March, when its lawyers, including Boscovich, and U.S. marshals seized the botnet's U.S.-based command-and-control servers.
In an interview two weeks ago, Boscovich said that Microsoft believes the Rustock operators reside in either St. Petersburg or Moscow.
Although Microsoft 70-599 launched the reward program in November 2003 with a $5 million fund, and has offered $250,000 bounties five times in the past, it has paid out only once, in 2005.
In that instance, two people split a reward for identifying a German teenager as the maker of Sasser.
Sven Jaschan, who was arrested in 2004, confessed to crafting the worm during his trial the following year. Jaschan was eventually sentenced to 21 months of probation.
Before Monday, Microsoft had also posted rewards for the makers of the Blaster, Sobig, MyDoom and Conficker worms. Those rewards have gone unclaimed, however.
Since then, the number of Windows PCs infected with the malware has dropped worldwide from 1.6 million to just over 700,000 as of mid-June, Boscovich reported earlier this month.
Two weeks ago, Boscovich refused to guarantee that Microsoft would be able to name those responsible for Rustock, but he said he liked the company's chances. "I believe there's a strong likelihood [that we'll identify someone], but it's not a guarantee," he said
Although Microsoft published legal notifications in Russian newspapers last month -- a legal formality designed to give potential defendants an opportunity to respond to charges -- it has not identified the "John Does" named in a U.S. federal lawsuit.
Microsoft 70-599 announced the reward early Monday in a blog written by Richard Boscovich, a senior attorney with the company's digital crimes unit. Microsoft also posted a reward document (PDF) that included an email address for tipsters.
"We decided to augment our civil discovery efforts to identify those responsible for controlling the notorious Rustock botnet by issuing a monetary reward in the amount of $250,000 for new information that results in the identification, arrest and criminal conviction of such individual(s)," Boscovich wrote.
Microsoft kicked off a takedown of Rustock in March, when its lawyers, including Boscovich, and U.S. marshals seized the botnet's U.S.-based command-and-control servers.
In an interview two weeks ago, Boscovich said that Microsoft believes the Rustock operators reside in either St. Petersburg or Moscow.
Although Microsoft 70-599 launched the reward program in November 2003 with a $5 million fund, and has offered $250,000 bounties five times in the past, it has paid out only once, in 2005.
In that instance, two people split a reward for identifying a German teenager as the maker of Sasser.
Sven Jaschan, who was arrested in 2004, confessed to crafting the worm during his trial the following year. Jaschan was eventually sentenced to 21 months of probation.
Before Monday, Microsoft had also posted rewards for the makers of the Blaster, Sobig, MyDoom and Conficker worms. Those rewards have gone unclaimed, however.
Since then, the number of Windows PCs infected with the malware has dropped worldwide from 1.6 million to just over 700,000 as of mid-June, Boscovich reported earlier this month.
Two weeks ago, Boscovich refused to guarantee that Microsoft would be able to name those responsible for Rustock, but he said he liked the company's chances. "I believe there's a strong likelihood [that we'll identify someone], but it's not a guarantee," he said
