Microsoft has discovered that several new computers in China have been carrying the Nitol botnet malware and has called for security in its supply chain to be improved.
The malicious software allows cyber criminals to steal personal information such as bank account details and take control of personal computers. A US court has granted Microsoft permission to seize control of one Chinese domain which has been linked to cybercrime since 2008.
Nitol attempted to connect to its command and control system as soon as the PC was switched on and was eventually linked to the 3222.org domain. This domain had 70,000 different sub-domains used by 500 different types of Malware.
Microsoft also found malware that was capable of remotely operating microphones or video cameras as well as keyloggers that track every key entered by a user, revealing sensitive information such as passwords.
An American court has now given Microsoft permission to seize control of the 3322.org domain where the botnet was hosted, and allow it to filter traffic. The domain’s owners have said that they have a “zero tolerance” policy towards illegal malware but with 2.85 million domains, this was difficult to enforce in practice. Last year, a Chinese mobile security firm was accused of bundling viruses with its anti-malware software.
“In disrupting these malware strains, we helped significantly limit the spread of the developing Nitol botnet, our second botnet disruption in the last six months.”
Microsoft said that the most disturbing fact was that the counterfeit software could have entered the supply chain at any point and warned consumers that if a deal was too good to be true, it probably was.
The company released an update in June to address a certificate issue exploited in the Flame malware attacks and another Microsoft investigation, operation b71, has been trying to take down the Zeus Botnet network.
“Microsoft is fully committed to protecting consumers by combating the distribution of counterfeit software and working closely with governments, law enforcement and other industry members in these efforts,” continued Domingues Boscovich. “Our disruption of the Nitol botnet further demonstrates our resolve to take all necessary steps to protect our customers and discourage criminals from defrauding them into using malware infected counterfeit software.”
Are you a security expert? Find out with our quiz!
Thoma Bravo agrees to acquire Darktrace for $5.32 billion in cash, delivering some welcome news…
Customer adoption of AI services embedded in cloud services continues to deliver results for Microsoft,…
TikTok's 'secret source' algorithm is so core to ByteDance, it would rather shut down US…
After relocating from California to Texas in 2020, Oracle's Larry Ellison now reveals plan to…
Share price hit after Meta admits heavy AI spending plans, after posting strong first quarter…
For third time Google delays phase-out of third-party Chrome cookies after pushback from industry and…