Microsoft’s Digital Crimes Unit just conducted “Operation b70,” a strike against the botnet known as Nitol and more than 500 strains of malware — including one that hijacked the microphone and video camera of users’ computers.
The malware network was associated with the domain, 3322.org. Microsoft was able to block the operation of the domain through a court order against a person named Peng Yong and his company based in Changzhou, China. The move followed a study conducted by Microsoft which revealed that as many as 20% of all computers sold through unsecured supply chains come infected with malware.
Malware is hidden software can be used to gain access to a computer without the owner’s knowledge, some even taking physical control of the computer itself. The strain that gave access to the infected computer’s microphone and video camera effectively provided criminals “eyes and ears into a victim’s home or business.”
Other types of malware are used to steal private information, such as passwords, or to coordinate so-called distributed denial of service (DDoS) attacks, where infected machines continuously try to get access to a website, until the site becomes overloaded and crashes, like what appeared to happen to GoDaddy earlier this week. (The domain registrar later denied that was what happened.)
In a blog post detailing the strike against Nitol, Richard Boscovich of the Microsoft Digital Crimes Unit says:
Cybercriminals have made it clear that anyone with a computer could become an unwitting mule for malware; today’s action is a step toward preventing that. We will continue to work to protect people that use our products and services from these threats and the cybercriminals behind them. In addition, consumers should also exercise their right to demand that resellers provide them with non-counterfeit products free of malware.
The strike against Nitol is Microsoft’s second attack on botnets, in the last 6 months. The study and subsequent operation is part of the MARS (Microsoft Active Response for Security) program, where Microsoft is taking a proactive role in the fight against cybercriminals.