Microsoft Disrupts Nitol Botnet

Thursday, September 13, 2012

Microsoft, through an operation codenamed b70, discovered that Chinese retailers were selling computers with pirated versions of Windows loaded with malware. Microsoft believes that the malware could have entered the supply chain at any point, for the simple reason that a computer travels among the companies that transport and resell it.

The Windows 8 maker carried out a study [PDF] focused on the Nitol botnet, through which it found that nearly 20 per cent of all the PCs purchased through an unsecure Chinese supply chain were infected with malware.

“…cybercriminals infiltrate unsecure supply chains to introduce counterfeit software embedded with malware for the purpose of secretly infecting people’s computers,” wrote Microsoft in its official blog.

The malware was also found to be capable of spreading itself through common means of file transfer such as USB-based flash drives, putting the victim's family members and friends at risk.

During the study, Microsoft also found that, in addition to hosting the Nitol botnet, the domain 3322.org contained a staggering 500 different strains of malware, which were hosted using 70,000 subdomains.

Microsoft has been actively involved in such efforts in the past, playing crucial roles in disrupting the Kelihos and Zeus botnets while working closely with US officials.