Microsoft marks it second botnet take down in 6-months
Microsoft has a Digital Crimes Unit that is tasked in part with helping discover and destroy botnets. Botnets are often responsible for a huge amount of spam e-mail sent to people all around the world and can be used for other nefarious deeds. Microsoft’s Digital Crimes Unit has recently set it sights on the new emerging botnet called Nitol.
Earlier this week, the U.S. District Court for the Eastern District of Virginia granted the Microsoft Digital Crimes Unit permission to disrupt more than 500 different strains of malware that have the potential to target millions of people around the world.
The operation was code-named Operation b70. The operation came from a Microsoft study that found cyber criminals were able to infiltrate unsecure supply chains to introduce counterfeit software embedded with malware with the sole purpose of secretly infecting user’s computers around the world.
By disrupting the malware strains, Microsoft says that it helped to limit the spread of the developing Nitol botnet. Microsoft previously disrupted the Zeus botnet, making the disruption of Nitol the second botnet Microsoft has disrupted this year. Microsoft says that in Operation b70 it was discovered that retailers were selling computers loaded with counterfeit versions of Windows software that were embedded with malware.
The malware in question allowed criminals to steal personal information from users and abuse their online services such as e-mail, social networking accounts, and online bank accounts. Microsoft says one of the most disturbing components of this counterfeit software was that the malware could’ve been introduced into the supply chain at any point where the computer travels between companies. That means that consumers have no way to know they’re buying a machine from an unsecured supply chain.
Microsoft says that 20% of the computers researchers in the operation purchased from an unsecure supply chain were infected with malware. The researchers also noted that the malware was able to spread through devices, including flash drives allowing it to infect other machines.