DNS service was ‘not knowingly involved’ with malicious sites.
Microsoft has reached a settlement with dynamic DNS service No-IP after its return of 23 domains it seized from the company last week.
The computer giant took control of No-IP's service after filing a civil suit in a Nevada federal court in connection with malicious activity on its domains, but suffered heavy criticism because of alleged disruption of 1.8 million websites.
Natalie Goguen, marketing manager at No-IP, said: "While we are extremely pleased with the settlement terms, we are outraged by Microsoft's tactics and that we were not able to completely and immediately restore services to the majority of our valuable customers that had been affected."
According to Microsoft, the DNS service was being used by cyber criminals based in Algeria and Kuwait to distribute Bladabindi and Jenxcus malware.
It filed against two non-American nationals as well as No-IP's parent company Vitalwerks citing "their roles in creating, controlling, and assisting in infecting millions of computers with malicious software".
In a joint statement yesterday the companies said: "Microsoft has reviewed the evidence provided by Vitalwerks and enters into the settlement confident that Vitalwerks was not knowingly involved with the subdomains used to support malware."
As part of the settlement Vitalwerks has disabled subdomains being used to control the malware, with Microsoft apologising for inconvenience caused to the dynamic DNS service's customers.
Goguen said that Microsoft had failed to contact her company with details of the malicious hostnames, though the computer giant previously claimed No-IP had ignored "numerous reports by the security community" of abuse on their domains.
"By filing an ex parte temporary restraining order (TRO), No-IP was prevented from having any knowledge of the case or offering any support in stopping malicious activity," she said, adding that Microsoft had wasted many months while malicious activity continued.
Source: Company Press Release
get a cbr Cyber Security weekly update
Unable to register now