Microsoft settles Nitol botnet lawsuit
Posted on 04 October 2012.
Less than a month since Microsoft's revelation that it had disrupted the functioning of the Nitol botnet by effecting a takedown of a domain (3322.org) which was also hosting over 500 different strains of malware, the Assistant General Counsel with the Microsoft Digital Crimes Unit Richard Boscovich says that Microsoft has dismissed the lawsuit following a settlement it reached with Peng Yong, the operator of the domain.

According to the settlement agreement, Peng Yong has agreed to:
  • Resume providing authoritative name services for 3322.org, at a time and in a manner consistent with the terms and conditions of the settlement.
  • Block all connections to any of the subdomains identified in a “block-list,” by directing them to a sinkhole computer which is designated and managed by CN-CERT.
  • Add subdomains to the block-list, as new 3322.org subdomains associated with malware are identified by Microsoft and CN-CERT.
  • Cooperate, to the extent necessary, in all reasonable and appropriate steps to identify the owners of infected computers in China and assist those individuals in removing malware infection from their computers.
Victims have already been identified and Microsoft has initiated the data sharing of their details to their ISPs through their national CERTs. Notifications about the infection are in the process of being sent out to the affected users.

"Of note, in the 16 days since we began collecting data on the 70,000 malicious subdomains, we have been able to block more than 609 million connections from over 7,650,000 unique IP addresses to those malicious 3322.org subdomains," Boscovich points out. "In addition to blocking connections to the malicious domains, we have continued to provide DNS services for the unblocked 3322.org subdomains.






Spotlight

Bash Shellshock bug: More attacks, more patches

Posted on 29 September 2014.  |  As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it opens.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //