Microsoft has changed its tack after No-IP domain seizure

Security

by Jimmy Nicholls| 10 July 2014

DNS service was ‘not knowingly involved’ with malicious sites.

Microsoft has reached a settlement with dynamic DNS service No-IP after its return of 23 domains it seized from the company last week.

The computer giant took control of No-IP's service after filing a civil suit in a Nevada federal court in connection with malicious activity on its domains, but suffered heavy criticism because of alleged disruption of 1.8 million websites.

Natalie Goguen, marketing manager at No-IP, said: "While we are extremely pleased with the settlement terms, we are outraged by Microsoft's tactics and that we were not able to completely and immediately restore services to the majority of our valuable customers that had been affected."

According to Microsoft, the DNS service was being used by cyber criminals based in Algeria and Kuwait to distribute Bladabindi and Jenxcus malware.

It filed against two non-American nationals as well as No-IP's parent company Vitalwerks citing "their roles in creating, controlling, and assisting in infecting millions of computers with malicious software".

In a joint statement yesterday the companies said: "Microsoft has reviewed the evidence provided by Vitalwerks and enters into the settlement confident that Vitalwerks was not knowingly involved with the subdomains used to support malware."

As part of the settlement Vitalwerks has disabled subdomains being used to control the malware, with Microsoft apologising for inconvenience caused to the dynamic DNS service's customers.

Goguen said that Microsoft had failed to contact her company with details of the malicious hostnames, though the computer giant previously claimed No-IP had ignored "numerous reports by the security community" of abuse on their domains.

"By filing an ex parte temporary restraining order (TRO), No-IP was prevented from having any knowledge of the case or offering any support in stopping malicious activity," she said, adding that Microsoft had wasted many months while malicious activity continued.

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

755 people like this.
0 people follow this.

Security Intelligence

Suppliers Directory

Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.