Microsoft Seized No-IP Domains, Millions of Dynamic DNS Service Users Suffer Outage
2014-07-02, 01:31 PM,
#1
[Image: noip-domains-malware.png]

Quote:In an effort to crackdown on cyber crimes, Microsoft has taken a legal action against a malware network what it thought is responsible for more than 7.4 million infections of Windows PCs across the globe.
Millions of legitimate servers that rely on Dynamic Domain Name Service (DDNS) from No-IP.com, owned by Vitalwerks Internet Solutions were blacked out on Monday after Microsoft seized their 23 domain names that were being used by malware developed in the Middle East and Africa.

No-IP FOR MALWARE OPERATORS

The Dynamic Domain Name Service (DDNS) from No-IP.com works by mapping users' dynamic IP addresses to a customized No-IP sub-domain like yourhost.no-ip.org or yourhost.no-ip.biz. This mechanism allows users to connect to a system with dynamic IP address using a static No-IP sub-domain.

No doubt its a useful service, but Nevada-based No-IP Dynamic DNS (DDNS) service subdomains have been abused by creators of malware for infecting millions of computers with malicious software at large scale.

FAMOUS MALWARE FAMILIES USING No-IP SERVICE

Microsoft security research team began this operation under an order granted by a federal court in Nevada, and targeted traffic involving two malware families that abused No-IP services. The Windows malwares, which went by the names Bladabindi (aka NJrat) and Jenxcus (aka NJw0rm), use No-IP accounts to communicate with their creators in 93 percent of detected infections, which are the most prevalent among the 245 other pieces of malware currently exploiting No-IP domains.

In a blog post, Richard Domingues Boscovich, assistant general counsel at Microsoft’s Digital Crimes Unit, said Microsoft pursued the seizure for No-IP's role "in creating, controlling, and assisting in infecting millions of computers with malicious software—harming Microsoft, its customers and the public at large." He claimed.

LARGE SCALE MALWARE INFECTION AND ACCUSED AUTHORS
Over the past year, Microsoft security team has detected more than 7 million infections that makes use of Bladabindi and Jenxcus malware, in order to take control of users’ computers, get passwords, and turn on webcams and microphones.

Microsoft accused Kuwaiti national Naser Al Mutairi and Algerian national Mohamed Benabdellah of writing and distributing the Bladabindi and Jenxcus malware, respectively. Microsoft claims the developers have sold over 500 copies of the malicious software to crooks and cyber criminals, and promoted No-IP service to use with malware to help them covering their tracks.

In a civil case filed on June 19, Microsoft named two individuals, Mohamed Benabdellah and Naser Al Mutairi, and a U.S. company, Vitalwerks Internet Solutions of violating “federal and state law by distributing malicious software through more than 18,000 sub-domains belonging to No-IP, causing the unlawful intrusion into, infection of, and further illegal conduct involving, the personal computers of innocent persons, thereby causing harm to those persons, Microsoft, and the public at large."

Continue reading....
Reply


Possibly Related Threads...
Thread Author Replies Views Last Post
  How many domains you have register till now salen72 21 456 2017-12-15, 07:43 PM
Last Post: neverstop
  Does people really think they have earned millions by checking there emails r00t3d 16 677 2017-07-11, 07:41 PM
Last Post: r00t3d
  How many domains and Websites do you own? reshamanair 8 274 2017-06-13, 12:41 PM
Last Post: srikanta159
  Inside a Russian IG BOT Farm with MILLIONS of Accounts! julianthr 10 584 2017-05-20, 01:03 PM
Last Post: AlifDomain
  Check out this awesome professional approved service! lancerimpact 2 259 2017-04-15, 02:53 PM
Last Post: EnChanter





About Us | Contact Us | CPA Elites | Advertise | Stats | Staff Team

© 2013-2017 CPA Elites Ltd
Enhanced by MyBB and WallBB
Return to top