All the latest UK technology news, reviews and analysis


Microsoft admits to error in anti-malware No-IP account takedown

02 Jul 2014
Microsoft has acted against cyber criminals using Bladabindi and Jenxcus

Microsoft has made a new stand against cyber criminals with its action against a firm called No-IP, which offers domain name system (DNS) services, but has since apologised for its overzealousness.

According to Microsoft, No-IP is the source of many Bladabindi and Jenxcus malware attacks. The firm said it has seen more than 7.4 million Bladabindi and Jenxcus incidents over the past year, and that 93 percent of them can be traced back to the No-IP network.

This week Richard Domingues Boscovich, assistant general counsel for Microsoft's digital crimes unit, said: "We're taking No-IP to task as the owner of infrastructure frequently exploited by cyber criminals to infect innocent victims with the Bladabindi (NJrat) and Jenxcus (NJw0rm) family of malware.

"The social media-savvy cyber criminals have promoted their wares across the internet, offering step-by-step instructions to completely control millions of unsuspecting victims' computers to conduct illicit crimes – demonstrating that cyber crime is indeed a global epidemic."

No-IP, which said many innocent accounts have suffered at Microsoft's hands, explained that the regular approach in such circumstances is usually a two-way dialogue.

"We were very surprised by this. We have a long history of proactively working with other companies when cases of alleged malicious activity have been reported to us. Unfortunately, Microsoft never contacted us or asked us to block any subdomains, even though we have an open line of communication with Microsoft corporate executives," it said in a statement.

"Millions of innocent users are experiencing outages to their services because of Microsoft's attempt to remediate host names associated with a few bad actors. Had Microsoft contacted us, we could and would have taken immediate action.

"Microsoft now claims that it just wants to get us to clean up our act, but its draconian actions have affected millions of innocent internet users."

Since then, Microsoft has told V3 a "technical error" is to blame for the mass close-off and added that services should now be restored.

"Yesterday morning, Microsoft took steps to disrupt a cyber attack that surreptitiously installed malware on millions of devices without their owners' knowledge through the abuse of No-IP, an internet solutions service," said a spokesperson.

"Due to a technical error, however, some customers whose devices were not infected by the malware experienced a temporary loss of service. As of 6am Pacific time today, all service was restored. We regret any inconvenience these customers experienced."

No-IP has countered with its report that services were not restored at 6am. It said Microsoft's claim is "not true".

The news comes at the same time that Microsoft appears to have backtracked on plans to stop sending email alerts to IT professionals about its forthcoming security updates.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Dave Neal
About

Dave Neal is a reporter at The INQUIRER. Previously he worked at V3.co.uk, VNUnet, and IT Week in editor and journalist roles.

He started his career when the Y2K bug was a front page story and remains committed to covering the interesting world of technology news.

He left the world of office working four years ago and now represents The INQUIRER from home in Kent with his dog.

Dave has been quoted in papers including the London Metro.

More on Security
What do you think?
blog comments powered by Disqus
Poll

Green IT poll

How important is it to your business that a cloud provider uses renewable energy like solar or wind to power their data centres?
19%
7%
4%
1%
69%

Popular Threads

Powered by Disqus
Galaxy S5 vs Nexus 5 head to head review front

Galaxy S5 vs Nexus 5 video review

We compare Samsung and Google's top devices

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv3may

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging

ibmv3may

Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Junior Developer (.Net / SQL)

Junior Developer (.Net / SQL) From c.£30,000 per annum...

IT Support Technician

A small IT services company based in East London operating...

Senior PHP Developer

Overall purpose of the Senior PHP Developer: Create...

Customer Insight Analyst

Location: Guildford with some occasional travel in...
To send to more than one email address, simply separate each address with a comma.