Microsoft has accidentally disrupted millions of servers, due to a technical error, during its battle to take down another group of cybercriminals, this time with a lawsuit filed in Nevada that marks the end of what it calls an international malware conspiracy.
The software giant won a court order against dynamic DNS (DDNS) provider Vitalwerks Internet Solutions to gain control of 23 No-IP domains, claimed to be exploited by the Bladabindi (NJrat) and Jenxcus (NJw0rm) families of malware. Microsoft states that 93 percent of the infections by these specific malware families that use dynamic DNS use No-IP.
However, while filtering traffic to the malicious domains, Microsoft also inadvertently affected the traffic of many legitimate sites. No-IP claims that the malware hunt has had around 4 million innocent victims who said Microsoft’s action was “heavy-handed.”
According to the filing, Mohamed Benabdellah of Kuwait and Naser Al Mutairi of Algeria are the authors and distributors of Bladabindi and Jenxcus. Microsoft reportedly detected 7.4 million Bladabindi-Jenxcus infections with its Malicious Software Removal Tool and security products last year.
In its blog post, Microsoft said that Al Mutairi and Benabdellah, along with Vitalwerks and 500 John Does, have been violating federal and state law by distributing malicious software through more than 18,000 No-IP sub-domains. The company also accuses No-IP of failing to take the necessary measures.
In response, No-IP said in a statement that Microsoft “never contacted” the company, reported any alleged malicious activity to it, or even asked it to block any subdomains, noting that the companies have an “open line of communication.”
No-IP added that “had Microsoft contacted” it beforehand, the company would have “taken immediate action,” saving a lot of trouble for the millions of users affected by Microsoft’s “draconian actions.”