Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Microsoft hammers No-IP, collateral damage includes Hacking Team's legal malware

Ms. Smith | July 3, 2014
Microsoft's takedown of No-IP accounts disrupted cybercrime gangs, but also legitimate sites as well as government-sponsored "lawful intercept" spyware, aka the Hacking Team's legal malware.

According to No-IP, the takedown came as a total surprise. "Had Microsoft contacted us, we could and would have taken immediate action. Microsoft now claims that it just wants to get us to clean up our act, but its draconian actions have affected millions of innocent Internet users." The solution, if your site went down, "is for you to create a new hostname on a domain that has not been seized by Microsoft."

Microsoft isn't buying into No-IP's "total surprise" claim. In fact, Microsoft Digital Crimes Unit added, "As malware authors continue to pollute the Internet, domain owners must act responsibly by monitoring for and defending against cybercrime on their infrastructure. If free Dynamic DNS providers like No-IP exercise care and follow industry best practices, it will be more difficult for cybercriminals to operate anonymously and harder to victimize people online."

Some folks in the security community are furious, saying Microsoft went too far and darkened too many legitimate sites that had nothing to do with distributing malware, (check out comment section on Krebs on Security). CSO's Steve Ragan pointed out, "Four million domains have been shutdown, despite the fact that Microsoft only wants 18,472 of them." Microsoft called that "temporary loss of service" to legitimate sites a "technical error" that has since been corrected.

Not all collateral damage was bad. For example, Kaspersky noted the shutdown "affected in some form at least 25% of the APT groups" as well as darkening some of the Hacking Team's "lawful intercept"malware deployed by governments and law enforcement to take complete remote control of PCs and smartphones. Whether that also was a "technical error" now fixed is unknown. It's probably too much to hope that Microsoft would take a stance like Kaspersky did to protect consumers and block the "legal" spyware.

 

Previous Page  1  2 

Sign up for MIS Asia eNewsletters.