DTX Manchester DTX Manchester
  • About Us
Friday, 26 February, 2021
IT Security Guru
CTX Manchester 2020 banner ad
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

No-IP regains control of 23 domains from Microsoft

by The Gurus
July 4, 2014
in Editor's News
Share on FacebookShare on Twitter

After the sinkholing exercise of earlier this week, No-IP has said that that all of the 23 domains that were “seized by Microsoft” on June 30th were now back in its control.
 
In an updated blog, No-IP said that it may take time for the DNS to fully propagate, but everything should be fully functioning within the next day. “We are so sorry for the inconvenience that this takedown has caused our customers,” it said. “Thank you so much for the support and for sticking with us through the entire process this week.” A request for comment had not been received at the time of writing.
 
Earlier this week, we reported that had named the US company Vitalwerks Internet Solutions, LLC (doing business as No-IP.com) as being responsible for infecting users with the Bladabindi (NJrat) and Jenxcus (NJw0rm) family of malware. It specifically named two Kuwaiti and Algerian nationals for this, and No IP for not taking sufficient steps to correct, remedy, prevent or control the abuse or help keep its domains safe from malicious activity.
 
This led to it taking civil action which alleged that the malware was distributed through more than 18,000 sub-domains belonging to No-IP, which was granted on June 26th and Microsoft became the DNS authority for the company’s 23 free No-IP domains, allowing it to sinkhole all known bad traffic to Microsoft and classify the identified threats.
 
However it seemed nobody consulted No-IP, who said in a statement that it was “very surprised by this” and that Microsoft never contacted or asked them to block any subdomains, even though it has an open line of communication with Microsoft corporate executives.
 
“They claim that their intent is to only filter out the known bad hostnames in each seized domain, while continuing to allow the good hostnames to resolve. However, this is not happening,” it said. “Apparently, the Microsoft infrastructure is not able to handle the billions of queries from our customers. Millions of innocent users are experiencing outages to their services because of Microsoft’s attempt to remediate hostnames associated with a few bad actors.
 
“Had Microsoft contacted us, we could and would have taken immediate action. Microsoft now claims that it just wants to get us to clean up our act, but its draconian actions have affected millions of innocent Internet users.”
 
In the following days, No-IP said it was suffering a DDoS attack and unable to mitigate. Despite this, the internet came out in support of No-IP; Manos Antonakakis said in his blog that “without a doubt, this must be the biggest failure in the history of cyber security”. He said: “It is evident in my eyes that the logic behind DCU’s actions is not based on objective observations around botnet operation
s. Rather, DCU’s actions are based on a subjective decision that serves a different agenda. That is, if the strategic goal were to takedown the ZeroAccess botnet, for example, the operation would have simultaneously addressed all possible C&C channels (P2P or otherwise).
 
“It is clear that the operational security community is in desperate need of a single entity that can provide the necessary common ground that will bring industry, government and academia together to strategise against the systematic fight against internet abuse.”
 
Also talking to Forbes, Andreas Lindh, security analyst at I Secure Sweden AB, said Microsoft’s action against No-IP was much too drastic and should have been handled in a much less aggressive way. “It’s a crazy world where one corporation can decide that another one isn’t doing its job good enough and then simply get legal backing for taking the services of that company down,” Lindh added. “If not being ‘good enough’ at security on some ad-hoc scale is enough for being taken down, lots of people should have been shut down a long time ago, including Microsoft back in the day.”

0 0 vote
Article Rating
FacebookTweetLinkedIn
Tags: MalwareMicrosoftTakedown
ShareTweetShare
Previous Post

Microsoft to release critical fixes for Explorer and Windows next week

Next Post

NSA net catches “ordinary” internet users

Subscribe
Notify of
guest
guest
0 Comments
Inline Feedbacks
View all comments

Recent News

Npower shuts down app after hackers steal customer bank info  

February 26, 2021
Partnership announcement: Edgescan partners with BSI to deliver safe and secure client solutions

Edgescan partners with BSI to deliver safe and secure client solutions

February 26, 2021
Microsoft building

Microsoft failed to fix known problems that could have prevented SolarWinds hack

February 26, 2021
Microscope

Dutch Research Council experience ransomware attack

February 26, 2021

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

More information
wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply
Privacy Settings / PENDINGGDPR Compliance

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Accept