Since the takedown of several physical assets that were part of the Rustock botnet by Microsoft’s lawyers in conjunction with US Marshals in March of this year, the number of computers estimated to be infected has dropped from 1.6 million to 700k. The Rustock botnet was used to send spam emails and was contracted to the highest bidder.
When the raids took down seven of the C&C (command and control) servers, the infected computers were left leaderless and unable to adapt to detection strategies. Couple that with updates to anti-virus software that specifically target Rustock, and you’ve got a drop of 33,000 infected computers in the US alone. (It’s safe to assume that the remaining 53,000 are people who think updates are how you get viruses.)
Microsoft issued an excellent report (PDF available here) on Rustock, and a Senior Attorney with Microsoft’s Digital Crime Unit had this to say:
“But if you’re a botnet herder, and you just saw Rustock go down — with years of work coding and planting malware and maintaining the botnet — you’re going to charge more. And that’s an impact on spammers’ cost analysis, as it becomes more and more expensive to send out spam.”