Microsoft settles Nitol botnet lawsuit
Posted on 04 October 2012.
Less than a month since Microsoft's revelation that it had disrupted the functioning of the Nitol botnet by effecting a takedown of a domain ( which was also hosting over 500 different strains of malware, the Assistant General Counsel with the Microsoft Digital Crimes Unit Richard Boscovich says that Microsoft has dismissed the lawsuit following a settlement it reached with Peng Yong, the operator of the domain.

According to the settlement agreement, Peng Yong has agreed to:
  • Resume providing authoritative name services for, at a time and in a manner consistent with the terms and conditions of the settlement.
  • Block all connections to any of the subdomains identified in a “block-list,” by directing them to a sinkhole computer which is designated and managed by CN-CERT.
  • Add subdomains to the block-list, as new subdomains associated with malware are identified by Microsoft and CN-CERT.
  • Cooperate, to the extent necessary, in all reasonable and appropriate steps to identify the owners of infected computers in China and assist those individuals in removing malware infection from their computers.
Victims have already been identified and Microsoft has initiated the data sharing of their details to their ISPs through their national CERTs. Notifications about the infection are in the process of being sent out to the affected users.

"Of note, in the 16 days since we began collecting data on the 70,000 malicious subdomains, we have been able to block more than 609 million connections from over 7,650,000 unique IP addresses to those malicious subdomains," Boscovich points out. "In addition to blocking connections to the malicious domains, we have continued to provide DNS services for the unblocked subdomains.


eBook: Cybersecurity for Dummies

Posted on 16 December 2014.  |  APTs have changed the world of enterprise security and how networks and organizations are attacked. These threats, and the cybercriminals behind them, are experts at remaining hidden from traditional security while exhibiting an intelligence, resiliency, and patience that has never been seen before.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Dec 19th