Microsoft’s Digital Crimes Unit just conducted “Operation b70,” a strike against the botnet known as Nitol and more than 500 strains of malware — including one that hijacked the microphone and video camera of users’ computers.

The malware network was associated with the domain, and Microsoft was able to block the operation of the domain through a court order against a person named Peng Yong and his company based in Changzhou, China. The move followed a study conducted by Microsoft which revealed that as many as 20% of all computers sold through unsecured supply chains come infected with malware.

Malware is hidden software that can be used to gain access to a computer without the owner’s knowledge, with some strains even taking physical control of the computer itself. The strain that gave access to the infected computer’s microphone and video camera effectively provided criminals “eyes and ears into a victim’s home or business.”

Other types of malware are used to steal private information, such as passwords, or to coordinate so-called distributed denial of service (DDoS) attacks, where infected machines continuously try to get access to a website, until the site becomes overloaded and crashes, like what appeared to happen to GoDaddy earlier this week. (The domain registrar later denied that was what happened.)

In a blog post detailing the strike against Nitol, Richard Boscovich of the Microsoft Digital Crimes Unit says:

Cybercriminals have made it clear that anyone with a computer could become an unwitting mule for malware; today’s action is a step toward preventing that. We will continue to work to protect people that use our products and services from these threats and the cybercriminals behind them. In addition, consumers should also exercise their right to demand that resellers provide them with non-counterfeit products free of malware.

The strike against Nitol is Microsoft’s second attack on botnets in the last 6 months. The study and subsequent operation are part of the MARS (Microsoft Active Response for Security) program, where Microsoft is taking a proactive role in the fight against cybercriminals.



  • Maundy91
  • Kelly Cline

    My site actually went down with that whole GoDaddy fiasco. Great article!

  • joeltelling

    our site went down as well! crazy!

  • Guest

    We’re glad that these botnets are being neutralised. Thank you to all who are protecting the Internet.

  • deegee

    Wow! That’s actually super fascinating. It’s like something out of some cyberpunk novel. Crazy.

  • DisQProf

    Good for you Microsoft. Keep it up.

  • DisQProf

    Geekwire, not sure why this is relevant when GoDaddy has denied it: “like what appeared to happen to GoDaddy earlier this week.”???

    • Kelly Cline

      It’s relevant for those who were following along with the GoDaddy story, who did not have answers or know what or why their sites, such as my own, went down. The link in parentheses points to a story explaining GoDaddy’s issues. When GoDaddy first went down – news wires EVERYWHERE stated it was due to a DDoS attack by an individual hacker that is part of the group Anonymous, complete with Tweets from the hacker stating that he/she was pulling down GoDaddy.
      All of this information is relevant and, if anything, helps to expand upon the kinds of cybercrimes that are affecting internet users and helped clarify (at least for me) what went down in respect to the GoDaddy situation.
