Trademarks might appear to have little to do with ads for body enhancement pills. But, said Microsoft's Richard Boscovich, the Lanham Act allowed Microsoft and its partners to seize the servers the hijacked computers were reporting to. That's an important detail. In a criminal proceeding, authorities might just get a search warrant and grab the equipment outright. But because Microsoft was engaged in a civil lawsuit, search warrants were out of the question. The company had to find another way to gain control of the command servers.
Luckily for the anti-spammers, the Lanham Act makes seizures of equipment possible if there's counterfeiting going on. In another stroke of fortune for Microsoft, the botnet operators had been using a letter template that included, of all things, Microsoft's logo. Every time Rustock sent out spam with Microsoft's registered image on it, that was another piece of evidence that the company could wield against the controllers.
When Rustock finally got taken down, spam watchers noticed a sharp drop-off in the amount of bogus material being pushed around the Internet. Symantec saw spam volumes drop by 24.7 percent the day after the sting.
The spammers will eventually adapt. But the goal isn't to eradicate botnets altogether -- it's to make the enterprise so complicated and expensive that most low-level criminals give up.
"You want to make them spend their time and money to develop that code," Boscovich said during the Washington event. "That automatically takes a lot of players out of the market."