Microsoft says disrupts cybercrime rings with roots in Kuwait, Algeria

BOSTON Tue Jul 1, 2014 4:37am IST

The Microsoft logo is seen at their offices in Bucharest March 20, 2013. REUTERS/Bogdan Cristel/Files


BOSTON (Reuters) - Microsoft Corp (MSFT.O) launched what it hopes will be the most successful private effort to date to crack down on cyber crime by moving to disrupt communications channels between hackers and infected PCs.

The operation, which began on Monday under an order issued by a federal court in Nevada, targeted traffic involving malicious software known as Bladabindi and Jenxcus, which Microsoft said work in similar ways and were written and distributed by developers in Kuwait and Algeria.

It is the first high-profile case involving malware written by developers outside of Eastern Europe, according to Richard Domingues Boscovich, assistant general counsel of Microsoft's cybercrime-fighting Digital Crimes Unit.

"We have never seen malware coded outside Eastern Europe that is as big as this. This really demonstrates the globalization of cybercrime," said Boscovich, whose team at Microsoft has disrupted nine other cybercrime operations over the past five years, all of which it believes originated in Eastern Europe.

He said it would take days to determine how many machines were infected, but noted that the number could be very large because Microsoft's anti-virus software alone has detected some 7.4 million infections over the past year and is installed on less than 30 percent of the world's PCs.

The malware has dashboards with point-and-click menus to execute functions such as viewing a computer screen in real time, recording keystrokes, stealing passwords and listening to conversations, according to documents filed in U.S. District Court in Nevada on June 19 and unsealed Monday.

The malware was purchased by at least 500 customers.

Boscovich said the developers marketed their malware over social media, including videos on YouTube and a Facebook page. They posted videos with techniques for infecting PCs, he said.

MONDAY'S OPERATION

The court order allowed Microsoft to disrupt communications between infected machines and Reno, Nevada-based Vitalwerks Internet Solutions.

Boscovich said about 94 percent of all machines infected with the two viruses communicate with hackers through Vitalwerks servers. Criminals use Vitalwerks as an intermediary to make it more difficult for law enforcement to track, he said.

The court ordered the registries that direct Internet communications to send suspected malicious traffic to Microsoft servers in Redmond, Washington, instead of to Vitalwerks.

In an operation that begins Monday, Boscovich said, Microsoft will filter out communications from PCs infected with another 194 types of malware also being filtered through Vitalwerks.

Vitalwerks said Microsoft's actions have disrupted service for millions of Internet users.

"Vitalwerks and (operational subsidiary) No-IP have a very strict abuse policy. Our abuse team is constantly working to keep the No-IP system domains free of spam and malicious activity," spokeswoman Natalie Goguen said in a statement.

Microsoft has not accused Vitalwerks of involvement in any cybercrime, though it alleges the company failed to take proper steps to prevent its system from being abused.

"We just want them to clean up their act, to be more proactive in monitoring their service," Boscovich said in an interview.

(Reporting by Jim Finkle; Editing by Richard Chang, Bernard Orr)
