Microsoft Disrupts Nitol Botnet and Takes Control of Malware Hosting Domain

Microsoft has claimed, through an operation code named b70, that it has managed to disrupt more than 500 different strains of malware in a bid to slow down the threats posed by the Nitol botnet.

Microsoft has discovered that Chinese retailers have been involved in selling computers with pirated version of Windows loaded with malware. Microsoft believes that the malware could have entered the supply chain at any point seeing as how the computer travels among companies that transport and resell the computer it is hard to pin-point the time and location.

Microsoft’s official blog says this, “…cybercriminals infiltrate unsecure supply chains to introduce counterfeit software embedded with malware for the purpose of secretly infecting people’s computers”

One thing that was noticed was that the malware was capable of spreading itself through common file transfers like USB based flash drives making it possible to spread malware to family members and friends.

A study done by Microsoft which was focused on the Nitol botnet found that nearly 20 per cent of the all the PCs that were purchased through unsecure Chinese supply chain were infected with malware. In this study Microsoft also found that in addition to hosting the Nitol botnet, the domain 3322.org contained 500 different strains of malware which were hosted using 70,000 sub domains. Microsoft also played crucial roles in disrupting the Kelihos and Zeus botnets while closely working with US officials.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s