/ Apps / Microsoft targets 18,000 malicious websites, takes 4 million offline in the process

Microsoft targets 18,000 malicious websites, takes 4 million offline in the process

Andrea on July 7, 2014 - 11:28 am in Apps
Microsoft has gotten pretty good at using the legal system to combat the spread of malware and online fraud. It appears, however, that they need to work on their finesse game a little. In their latest assault, the collateral damage knocked around 4 million sites offline.It all started after a Nevada court temporarily gave Microsoft control of 23 domains belonging to No-IP.com. In case you’re not familiar with No-IP, it’s a service that assigns static subdomain and domain names to dynamic IP addresses. Geeky types like us often use them to make remotely accessing servers that we run at home (only in accordance with our ISPs TOS, of course).

Malware authors, however, like to leverage services like No-IP to distribute and control their malicious software. They can constantly change IP addresses for CNC servers without knocking their network offline. These sites make up a tiny percentage of the total, of course. According to Microsoft’s court papers, around 18,000 No-IP names were part of the njrat and njworm malware network.

The plan was to descend upon No-IP’s network, take out the offenders, and filter the rest of the service’s traffic so that legitimate sites weren’t affected. As it turned out, Microsoft wasn’t able to make good on that promise. Support requests from No-IP customers that can’t access their sites are piling up, and No-IP  is understandably miffed.

To make matters worse, No-IP said that the vast majority of the names Microsoft listed were no longer active when they showed up on No-IP’s doorstep. In fact, only about 2,000 out of the 18,000 were. The other 3,998,000? Well, you’re bound to hit a few things by accident when you swing a really big hammer, eh, Microsoft?

Source: Apps – Geek.com

Comments are disabled

Comments are closed.