Microsoft takes 4 million websites offline

GURPS

INGSOC
PREMO Member
Microsoft targets 18,000 malicious websites, takes 4 million offline in the process


Microsoft has gotten pretty good at using the legal system to combat the spread of malware and online fraud. It appears, however, that they need to work on their finesse game a little. In their latest assault, the collateral damage knocked around 4 million sites offline.

It all started after a Nevada court temporarily gave Microsoft control of 23 domains belonging to No-IP.com. In case you’re not familiar with No-IP, it’s a service that assigns static subdomain and domain names to dynamic IP addresses. Geeky types like us often use them to make remotely accessing servers that we run at home easier (only in accordance with our ISP's TOS, of course).

Malware authors, however, like to leverage services like No-IP to distribute and control their malicious software. They can constantly change IP addresses for CNC servers without knocking their network offline. These sites make up a tiny percentage of the total, of course. According to Microsoft’s court papers, around 18,000 No-IP names were part of the njrat and njworm malware network.

The plan was to descend upon No-IP’s network, take out the offenders, and filter the rest of the service’s traffic so that legitimate sites weren’t affected. As it turned out, Microsoft wasn’t able to make good on that promise. Support requests from No-IP customers that can’t access their sites are piling up, and No-IP is understandably miffed.


From another website:

Microsoft Steals 22 Domain Names from NoIP

No-IP does DDNS - dynamic DNS. You can run your own server at home with it, letting you host your own web site, email, FTP, etc.

http://www.noip.com/blog/...amp;utm_campaign=takedown

Quote
We want to update all our loyal customers about the service outages that many of you are experiencing today. It is not a technical issue. This morning, Microsoft served a federal court order and seized 22 of our most commonly used domains because they claimed that some of the subdomains have been abused by creators of malware.

A private company uses the courts to steal from another company.

Just how does Microsoft get to steal domain names?
 

GURPS

INGSOC
PREMO Member
Microsoft Insists That No-IP 'Outage' Was Due To A 'Technical Error' Rather Than Gross Abuse Of Legal Process
from the not-so-sure-that's-true... dept


Earlier today, we wrote about a ridiculous situation in which Microsoft was able to convince a judge to let it seize a bunch of popular domains from No-IP.com, the popular dynamic DNS provider, routing all their traffic through Microsoft servers, which were unable to handle the load, taking down a whole bunch of websites. Microsoft claimed that this was all part of a process of going after a few malware providers, though No-IP points out that Microsoft could have easily contacted them and the company's fraud and abuse team would have cut off those malware providers.

A little while ago, Microsoft PR emailed over the following, somewhat questionable claim from David Finn, the company's Executive Director and Associate General Counsel, Digital Crimes Unit, in which he claims that all of that collateral damage was merely a "technical error" and it's all good now:

“Yesterday morning, Microsoft took steps to disrupt a cyber-attack that surreptitiously installed malware on millions of devices without their owners’ knowledge through the abuse of No-IP, an Internet solutions service. Due to a technical error, however, some customers whose devices were not infected by the malware experienced a temporary loss of service. As of 6 a.m. Pacific time today, all service was restored. We regret any inconvenience these customers experienced.”

I'm sorry, but that excuse just doesn't cut it, given the legal documents that we posted, which clearly showed that Microsoft made No-IP's parent company, Vitalwerks, out to be a part of a criminal conspiracy. The judge specifically said:

There is good cause to believe that, unless the Defendant Vitalwerks is restrained and enjoined by Order of this Court, immediate and irreparable harm will result from its ongoing violations of the Anti-Cybersquatting Consumer Protection Act (15 U.S.C. § 1125) and the common law of negligence. The evidence set forth in Microsoft’s TRO Motion, and the accompanying declarations and exhibits, demonstrate that Microsoft is likely to prevail on its claim that this Defendant has engaged in violations of the foregoing laws through one or more of the following:

a. Leasing to Malware Defendants No-IP sub-domains containing Microsoft’s protected marks; and

b. Negligently enabling Malware Defendants to participate in illegal acts, and failing to take sufficiently corrective action to stop and prevent the abuse of its services, all of which harms Microsoft, Microsoft’s customers, and the general public.

so Microsoft secretly petitions the court for control of 23 of NO-IP's Domains,

'hey, we're the good guys'

then screws the pooch processing the whole thing ... when all Microsoft had to do was pick up the phone and call NO IP
 