Kudos to Microsoft: Huge Pirated Software, Malware Botnet Takedown

 

Well, MS took down Nitol, a huge botnet which sold counterfeit software, and hosted over 70,000 malware domains which infected users with more than 500 Trojans, viruses and keystroke loggers. It was done as part of the M.A.R.S. (Microsoft Active Response for Security) which tracked down evildoers whose intent was to harm the world online community. This Op (Operation b70) was started by the Microsoft Digital Crimes Unit. Nitol has existed since 2008.

“Our research into Nitol uncovered that the botnet was being hosted on a domain linked to malicious activity since 2008. This study also revealed that in addition to hosting b70, 3322.org contained a staggering 500 different strains of malware hosted on more than 70,000 sub-domains. We found malware capable of remotely turning on an infected computer's microphone and video camera, potentially giving a cybercriminal eyes and ears into a victim's home or business. Additionally, we found malware that records a person's every key stroke, allowing cybercriminals to steal a victim's personal information. The Nitol botnet malware itself carries out distributed denial of service (DDoS) attacks that are able to cripple large networks by overloading them with Internet traffic, and creates hidden access points on the victim's computer to allow even more malware - or anything else for that matter - to be loaded onto an infected computer.” -http://blogs.technet.com/b/microsoft_blog/archive/2012/09/13/microsoft-disrupts-the-emerging-nitol-botnet-being-spread-through-an-unsecure-supply-chain.aspx

MS found computers manufactured in China loaded with counterfeit Windows loaded with malware, which could have been loaded at any point in the supply chain. How to know if a given computer is contaminated? Look for a deal that’s “too good to be true”. It is.

In addition to the routine malware, there were also Trojans which could record pictures and sound. Sound familiar?

Anyway, sincerest thanks and kudos to Microsoft.

It appears the company we love to hate can do what the real law enforcement agencies can’t.

Now if they could only put out an OS which didn’t make me crazy….

Sources:

http://blogs.technet.com/b/microsoft_blog/archive/2012/09/13/microsoft-disrupts-the-emerging-nitol-botnet-being-spread-through-an-unsecure-supply-chain.aspx

http://www.pcmag.com/article2/0,2817,2409742,00.asp

Reply #1

:thumbsup: :beer:

Reply #2

YAY MS!!!!  5* 5* 5* 5* 5* 5* 5* 5*

Reply #3

:thumbsup: :thumbsup:

Reply #4

staggering 500 different strains of malware hosted on more than 70,000 sub-domains.
End of quote

"staggering" doesn't quite cover that, more like "mind-blowing".  That's one heck of a weed.

Reply #5

MS gets the huge gold star on this one.  :star:

 

Reply #6

Quoting DrJBHL, reply 5
MS gets the huge gold star on this one. 

 
End of DrJBHL's quote
good on them

Reply #7

Finally....Microstuff is showing some b***s. Let's hope they keep it up. Kudos to MS.......for a change.

Reply #8

Isn't it a bit creepy that a business entity is engaged in cyber warfare with another business entity? I mean since when do we trust the big corporations to do the "moral" thing? Let's hope this doesn't snowball anywhere...

 

Reply #9

Half right, Heavenfall. 

While MS is a business concern, Nitol is a criminal concern.

What's creepy about it is that MS did cyber criminal law enforcement (not cyber warfare: They went to Court) better than the FBI/NSA and whoever else should have been doing it.

Reply #10

I am very surprised they could affect a criminal activity in a foreign country, what with no one in the country really giving a damn about it.  Now if only someone could take down all the WAREZ sites in the world, like the sites hosted in Sweden like NeonFiles and such, now that would be fantastic!

Reply #11

 

"Your mission Mr. Lightstar, should you accept, is to dismantle these sites and bring the perpetrators to justice. As always, should you or any of your I.M. Force be caught or killed, the Secretary will disavow any knowledge of your actions. This tape will self-destruct in five seconds. Good luck, Tom."

Reply #12

Good one Doc!   :rofl: :thumbsup:

 

Problem is, a lot of these site hosts don't care, they don't have copyright laws in their country.  I sent the host for NeonFiles a support ticket, and they just ignored it completely. Most of the hosts in countries without copyright laws could care less. :S