What Kaspersky thinks of Microsoft's No-IP takedown

Data Jimmy Nicholls

09:07, July 2 2014


Security firm says it is even better than Microsoft claims.

Security firm Kaspersky has hailed Microsoft's takedown of dynamic DNS provider No-IP as a "major blow" for cybercrime.

Microsoft seized 23 domains from the site after filing a court order against the company over concerns its service was being exploited by criminals to spread malware.

Kaspersky lab expert Costin Raiu said: "No-IP is one of the many Dynamic DNS providers out there, which can be used for free to register a subdomain on top of popular names such as '' or ''.

"For a long time, this has been a favourite method for cybercriminals who wanted to register easy to update hostnames to control their malware implants."

Kaspersky noted at least a quarter of the advanced persistent threats (APTs) it has been tracking were hit, despite Microsoft only claiming to target trojan Bladabindi and the worm Jenxcus.

No-IP has protested what they called a "draconian" approach by Microsoft affecting "millions of innocent internet users", and is offering its customers the opportunity to create a new hostname on the domains it still has control over.

Raiu said: "In the future, we can assume these groups will be more careful on using dynamic DNS providers and rely more often on hacked websites and direct IP addresses to manage their C&C [command and control] infrastructure."

Source: Company Press Release

get a cbr Cyber Security weekly update

Terms & Conditions & Privacy Policy.


Post a comment

Comments may be moderated for spam, obscenities or defamation.