Microsoft Disrupts Nitol Botnet
By Nithin Ramesh on September 13th, 2012

In an operation named Operation b70, Microsoft was able to disrupt the Nitol botnet, which was used to spread malware and launch DDoS attacks. The operation was carried out by Microsoft’s Digital Crimes Unit with the permission of the U.S. District Court for the Eastern District of Virginia.

The operation was the result of a Microsoft study which discovered hackers selling pirated copies of Windows that were embedded with malware. The hackers then got these copies into different unsecured supply chains for distribution (an unsecured supply chain being one in which a distributor or reseller sells products from unconfirmed or unauthorized sources). The research found that about 20% of pirated copies of Windows contained different types of malware.

This malware was used for a multitude of illegal purposes, including stealing passwords and credit card information, and even remotely turning on the microphone and webcam connected to the victim’s computer.

The computers that were part of the Nitol botnet were controlled by a Nitol command server. The DNS for the server was found to be provided by a rogue website called 3322.org, which has been known to be a part of several targeted attacks in the past. With the successful takedown of 3322.org, Microsoft was also able to take down around 500 different strains of malware stored in 70,000 sub-domains of the rogue website.

The operation was part of Microsoft’s wider MARS (Microsoft Active Response for Security) program, which is intended to protect Windows users against malware. This is the second such action against botnets by Microsoft, which had taken down the Zeus botnet earlier this year.

Via: Official Microsoft Blog

Author: Nithin Ramesh
Nithin is a blogger and a Windows security enthusiast. He is currently pursuing a Bachelor's in Electronics and Communication. Apart from technology, his other interests include reading and rock music. His Twitter handle is @nithinr6.

Nithin Ramesh has written and can be contacted at nithin@techie-buzz.com.

Copyright 2006-2012 Techie Buzz. All Rights Reserved.