Microsoft Arrive Settlement with Site Associated to Nitol Botnet

Microsoft announced recently that it's arrived at a settlement with operators of a domain that horded Nitol botnet, among other things, could wait in brand new computers, as reported by settletimes.com on October 2, 2012.

The settlement arrived in a case that Microsoft claimed against the Eastern District of Virginia to the US District Court seeking permission to discontinue the botnet and access a temporary warning an order against a Chinese entrepreneur, Peng Yong, and his company.

As per the official Microsoft blog post, the lawsuit supposed that Yong's DOMAIN, 3322.org, hosted the Nitol botnet with "contained a stunning 500 unusual strains of malware horded on more than 70,000 sub-domains".

Now, in exchange for Yong's cooperation, Microsoft agreed to leave the lawsuit it filed against him.

According to the new agreement, Yong will work with the Chinese computer emergency response team (CN-CERT) to confirm that 3322.org is not used to host botnet.

Yong will forward any "black-listed" domains to CN-CERT, and the same would go towards a sinkhole prearranged by the Chinese authorities. The 3322.org owner will also by obligated by fixing their system to assist anyone if affected by Nitol botnet.

When news of the Nitol botnet first broke, the company defended by Yong by saying that 3322.org conflict hosting illegal content, but the size of its user base made it difficult to police content.

Microsoft has started notifying victims about the Nitol botnet by distributing polluted IP information with the shadow server Foundation. The foundation is a group of volunteer Internet security staff who gathers and track potential malware threats.

According to the Assistant General Counsel, Richard Boscovich in Microsoft's Digital Crimes Unit, the action against the Nitol botnet was known to be effective enough to disrupt more than 500 different strains of malware since these are potentially affecting many operations of the cybercriminals, as posted in a blog, as per news published in infosecurity-magazine.com on October 2, 2012.

He added that since Microsoft initiated gathering of the data on 70,000 malicious sub domains that it recognized at 3322.org during a span of 16 days has been able to restrict more than 609 Million connections evolving from more than 7,650,000 unique IP addresses.

Related article: Microsoft Counters Cybersquatters

» SPAMfighter News - 10/10/2012