Microsoft settles Nitol botnet lawsuit
Posted on 04 October 2012.
Less than a month since Microsoft's revelation that it had disrupted the functioning of the Nitol botnet by effecting a takedown of a domain ( which was also hosting over 500 different strains of malware, the Assistant General Counsel with the Microsoft Digital Crimes Unit Richard Boscovich says that Microsoft has dismissed the lawsuit following a settlement it reached with Peng Yong, the operator of the domain.

According to the settlement agreement, Peng Yong has agreed to:
  • Resume providing authoritative name services for, at a time and in a manner consistent with the terms and conditions of the settlement.
  • Block all connections to any of the subdomains identified in a “block-list,” by directing them to a sinkhole computer which is designated and managed by CN-CERT.
  • Add subdomains to the block-list, as new subdomains associated with malware are identified by Microsoft and CN-CERT.
  • Cooperate, to the extent necessary, in all reasonable and appropriate steps to identify the owners of infected computers in China and assist those individuals in removing malware infection from their computers.
Victims have already been identified and Microsoft has initiated the data sharing of their details to their ISPs through their national CERTs. Notifications about the infection are in the process of being sent out to the affected users.

"Of note, in the 16 days since we began collecting data on the 70,000 malicious subdomains, we have been able to block more than 609 million connections from over 7,650,000 unique IP addresses to those malicious subdomains," Boscovich points out. "In addition to blocking connections to the malicious domains, we have continued to provide DNS services for the unblocked subdomains.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Feb 8th