Microsoft reaches agreement with botnet haven 3322.org
Microsoft has announced the end of its lawsuit against the administrator of the 3322.org domain. The site was being used to provide DNS services for approximately 70,000 malicious subdomains associated with the Nitol botnet. The malware was being spread pre-installed on computers that were sold with Microsoft's Windows operating system in China.
Initially, Microsoft had no success approaching the owner of the domain directly and had obtained permission from the courts to take control of it. Now the company has announced that it has settled the lawsuit pursuant to an agreement with the owner.
Under the agreement, the owner of the DNS service declared that subdomains that have been identified as malicious will be removed based on a list provided by Microsoft and the Chinese Computer Emergency Response Team (CERT). Additionally, when new malicious domains are discovered, they will be added to the list and will also have to be removed. The owner has also agreed to help individuals whose machines have been infected with malware associated with subdomains hosted via 3322.org clean up their systems. In return, Microsoft is handing control of the 3322.org domain back to the original owner.