Critics blast Microsoft's takedown of No-IP domains
Microsoft contends it seized domains to stop distribution of two widely used malware tools
Computerworld - Microsoft's tactics in using a court order to seize nearly two-dozen No-IP.com domains it said were used to distribute Windows malware tools were called ham-handed by several critics.
No-IP, a Reno, Nev. provider of dynamic domain name services, said Microsoft's sudden takedown of its domains was initiated without prior warning and disrupted Internet service for innocent customers.
In a blog post Monday, No-IP accused Microsoft of causing widespread problems for its customers. "Millions of innocent users are experiencing outages to their services because of Microsoft's attempt to remediate hostnames associated with a few bad actors," the company claimed.
David Finn, executive director and associate general counsel of Microsoft's Digital Crimes Unit, defended the company's actions but acknowledged that the move affected innocent users.
"Due to a technical error, however, some customers whose devices were not infected by the malware experienced a temporary loss of service," Finn said in an email on Tuesday. However, Microsoft has since restored all service, he said. "We regret any inconvenience these customers experienced."
A Microsoft spokeswoman declined further comment.
No-IP said it would have taken immediate action to address any problems with its domains had Microsoft given it notice.
Brian Honan, an independent security consultant with BH Consulting in Dublin, Ireland, questioned Microsoft's tactics in going after No-IP.com however justified its motives were. "Does this action mean that Microsoft has now appointed itself as the Internet Sheriff who will now clean up the place?" Honan asked.
Honan said Microsoft didn't provide No-IP.com a chance to defend itself in court, and thereby prevent its services from being impacted. Microsoft has set a precedent, which other companies could use "to impact legitimate service providers who they feel are not living up to an undetermined standard for responding to abuse requests," Honan said.
Microsoft in mid-June filed a complaint against No-IP.com in a Nevada federal court contending that No-IP's dynamic domain name services were being used to distribute two botnet software tools, Bladabindi and Jenxcus, and facilitate the distribution of more than 200 other malware products.
In the suit, Microsoft accused No-IP of providing the Kuwait and Algeria-based creators of Bladabindi and Jenxcus an infrastructure for distributing the tools to millions of Windows systems around the world. Microsoft claimed that hundreds of bad actors had downloaded the malware tools from No-IP's domains and infected computers with it.
Microsoft said that according to its research, No-IP domains were used 93% of the time for infecting computers with Bladabini and Jenxcus malware tools. Though No-IP should have known its domains were being used extensively for malicious purposes, it did nothing about it, Microsoft charged.
- Layoffs cool Microsoft employees' opinion of CEO Satya Nadella
- How Microsoft's CEO sees growth for Windows Phone and Lumia
- Microsoft wants you to forget Windows 8
- Microsoft again writes off Surface inventory, renews profitability doubts
- 'Nadella Effect' makes Ballmer $2.8B richer
- Microsoft reveals bankruptcy of devices strategy by dumping Nokia feature phones
- Microsoft may drag out layoffs for a year
- Surface survives Microsoft cuts, but tablet strategy remains muddled
- As it lays off workers, Microsoft also kills its low-end Nokia X smartphones
- How Microsoft announces layoffs will show the company's PR IQ
- Big Data, Big Mess: Sound Risk Intelligence Through Complete Context This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Confront consumerization with convergence Virtualization expert Elias Khnaser spotlights the security, compliance, and governance issues that arise when enterprise users "consumerize" with shadow IT and public cloud...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope... All Legal White Papers | Webcasts