Microsoft had taken unbelievable action against hackers by shutting down millions of websites which were apparently distributing malware. On June 30, 2014 Microsoft took control of almost two dozen domain names, which were being used to spread dangerous malware across the globe. In this process, more than 4 million genuine websites were also taken down by Microsoft that were using the same DNS service called No-IP. Although, this unprecedented action of Microsoft was completely legal and authorized by a Nevada court.
On June 30, 2014, Microsoft in its blog post said that it had filed a US lawsuit against two alleged hackers, namely Mohamed Benabdellah from Algeria and Naser Al Mutairi from Kuwait.
Why did Microsoft take such a decision?
Microsoft found out that a cybercrime group which was spreading the malware -NJrat and NJw0rm (both remote-access Trojans) was using No-IP’s dynamic DNS service to infect Windows PCs.
These families of malware were capable of stealing data, recording keystrokes and much more. Microsoft argued in the lawsuit that it should be given charge of all the internet sites controlled by No-IP, as these hackers were using No-IP services to spread malware and No-IP was not doing enough to stop them. The judge agreed and authorized Microsoft to take charge of that part of the internet which was being controlled by No-IP.
After receiving permission from the court, Microsoft targeted to confiscate 18,400 malicious No-IP malicious hosts, but unfortunately it also took down other four million No-IP hostnames which affected over 1.8 million No-IP customers. However in this process, Microsoft was successful in shutting down the two malware campaigns and other cybercrime groups worldwide.
No-IP was unhappy with the disruption caused by Microsoft, as this move affected many innocent customers. Reportedly, No-IP’s marketing manager – Natalie Goguen said that only 2,000 of its hostnames were infected by the two malware families, not the 18,400 hostnames claimed by Microsoft. In spite of the inconvenience to No-IP and its customers, Microsoft’s action seems to have worked at the end as it almost got rid with two of the most resilient malware.
However, on July 3, 2014, Microsoft had surrendered the 23 domain names out of which No-IP had recovered 18 of its domains and it in the process of getting the remaining 5 back.
Nevertheless, Microsoft took a decision on a global basis to combat malware, but here is what you can do as an end user to not get affected by such malware…
- Use the latest antivirus software such as eScan for your computer that protects it from all kinds of malware attacks.
- Enable firewall in your PC so that you can use local networks and the Internet safely.
- Keep all of the software installed on your computer up-to-date.
- Keep your computer’s security settings to a higher level. Configure your computer’s AV settings to perform automatic system updates.
The best way to know whether your PC has a malware infection is to run a free scan. Use the Free eScan tool kit from here. No installation required. http://www.escanav.com/english/content/products/MWAV/escan_mwav.asp