Microsoft Seized No-IP Domains, Millions of Dynamic DNS Service Users Suffer Outage
2014-07-02, 01:31 PM,
[Image: noip-domains-malware.png]

Quote:In an effort to crackdown on cyber crimes, Microsoft has taken a legal action against a malware network what it thought is responsible for more than 7.4 million infections of Windows PCs across the globe.
Millions of legitimate servers that rely on Dynamic Domain Name Service (DDNS) from, owned by Vitalwerks Internet Solutions were blacked out on Monday after Microsoft seized their 23 domain names that were being used by malware developed in the Middle East and Africa.


The Dynamic Domain Name Service (DDNS) from works by mapping users' dynamic IP addresses to a customized No-IP sub-domain like or This mechanism allows users to connect to a system with dynamic IP address using a static No-IP sub-domain.

No doubt its a useful service, but Nevada-based No-IP Dynamic DNS (DDNS) service subdomains have been abused by creators of malware for infecting millions of computers with malicious software at large scale.


Microsoft security research team began this operation under an order granted by a federal court in Nevada, and targeted traffic involving two malware families that abused No-IP services. The Windows malwares, which went by the names Bladabindi (aka NJrat) and Jenxcus (aka NJw0rm), use No-IP accounts to communicate with their creators in 93 percent of detected infections, which are the most prevalent among the 245 other pieces of malware currently exploiting No-IP domains.

In a blog post, Richard Domingues Boscovich, assistant general counsel at Microsoft’s Digital Crimes Unit, said Microsoft pursued the seizure for No-IP's role "in creating, controlling, and assisting in infecting millions of computers with malicious software—harming Microsoft, its customers and the public at large." He claimed.

Over the past year, Microsoft security team has detected more than 7 million infections that makes use of Bladabindi and Jenxcus malware, in order to take control of users’ computers, get passwords, and turn on webcams and microphones.

Microsoft accused Kuwaiti national Naser Al Mutairi and Algerian national Mohamed Benabdellah of writing and distributing the Bladabindi and Jenxcus malware, respectively. Microsoft claims the developers have sold over 500 copies of the malicious software to crooks and cyber criminals, and promoted No-IP service to use with malware to help them covering their tracks.

In a civil case filed on June 19, Microsoft named two individuals, Mohamed Benabdellah and Naser Al Mutairi, and a U.S. company, Vitalwerks Internet Solutions of violating “federal and state law by distributing malicious software through more than 18,000 sub-domains belonging to No-IP, causing the unlawful intrusion into, infection of, and further illegal conduct involving, the personal computers of innocent persons, thereby causing harm to those persons, Microsoft, and the public at large."

Continue reading....
Share This Thread :

Related Threads
Thread Author Replies Views Last Post
  How many domains you have register till now salen72 22 681 2017-12-20, 09:19 PM
Last Post: MrLions
  Does people really think they have earned millions by checking there emails r00t3d 16 888 2017-07-11, 07:41 PM
Last Post: r00t3d
  How many domains and Websites do you own? reshamanair 8 337 2017-06-13, 12:41 PM
Last Post: srikanta159
  Inside a Russian IG BOT Farm with MILLIONS of Accounts! julianthr 10 708 2017-05-20, 01:03 PM
Last Post: EpicWarrior
  Check out this awesome professional approved service! lancerimpact 2 311 2017-04-15, 02:53 PM
Last Post: EnChanter

About Us | Contact Us | CPA Elites | Advertise | Stats | Staff Team

© 2013-2018 CPA Elites Ltd
Enhanced by MyBB and WallBB
Return to top