Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Settles With No-IP After Malware Takedown

Posted by timothy on from the semi-mulligan dept.

Trailrunner7 (1100399) writes It's been a weird couple of weeks for Microsoft. On June 30 the company announced its latest malware takedown operation, which included a civil law suit against Vitalwerks, a small Nevada hosting provider, and the seizure of nearly two dozen domains the company owned. Now, 10 days later, Microsoft has not only returned all of the seized domains but also has reached a settlement with Vitalwerks that resolves the legal action. Some in the security research community criticized Microsoft harshly for what they saw as heavy handed tactics. Within a few days of the initial takedown and domain seizure Microsoft returned all of the domains to Vitalwerks, which does business as No-IP.com. On Wednesday, the software giant and the hosting provider released a joint statement saying that they had reached a settlement on the legal action. "Microsoft has reviewed the evidence provided by Vitalwerks and enters into the settlement confident that Vitalwerks was not knowingly involved with the subdomains used to support malware. Those spreading the malware abused Vitalwerks' services," the companies said in a joint statement. "Microsoft identified malware that had escaped Vitalwerks' detection. Upon notification and review of the evidence, Vitalwerks took immediate corrective action allowing Microsoft to identify victims of this malware. The parties have agreed to permanently disable Vitalwerks subdomains used to control the malware."

16 of 83 comments (clear)

  1. "Sorry about that" by Anonymous Coward · · Score: 5, Informative

    "We did the thing we should have done in the first place after some guys pointed out what a bunch of dumb motherfuckers we'd been."

    1. Re:"Sorry about that" by theskipper · · Score: 3, Informative

      "And luckily no one will remember what our employees were posting in public forums about the issue, nor our sock puppets that modded them up"

      http://yro.slashdot.org/commen...

  2. Complete clusterfuck by ShaunC · · Score: 5, Interesting

    Microsoft identified malware that had escaped Vitalwerks' detection. Upon notification and review of the evidence, Vitalwerks took immediate corrective action allowing Microsoft to identify victims of this malware.

    Yeah, if waking up one day to find that most of your business has been handed over to another company is what passes for "notification" these days.

    I hope Microsoft paid them handsomely.

    --
    Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
  3. I see these and laugh by portwojc · · Score: 4, Insightful

    I always find it funny to see Microsoft using legal actions to fight malware rather than just fix the problem...

    1. Re:I see these and laugh by John+Bokma · · Score: 3, Informative

      I am no longer surprised that even at a tech site people really think that malware is a MS-only issue...

      --

      Perl Programmer for hire
    2. Re:I see these and laugh by disposable60 · · Score: 2

      When lawyers make decisions, the decision is always 'Pay some lawyers!' Never 'Pay some engineers!'

      --
      You're looking for quotes? See my journal.
  4. Re:Short version of article by gauauu · · Score: 4, Insightful

    Not really. They got away with it at no real cost. Chances are our "small Nevada hosting provider" was cooperating fully with Microsoft, and playing the victim card helps avoid bad press. Or it could be covering up a National Security Letter.

    I don't know, the message from No-IP includes the statement: "While we are extremely pleased with the settlement terms, we are outraged by Microsoft’s tactics and that we were not able to completely and immediately restore services to the majority of our valuable customers that had been affected." This sounds an awful lot like code for "Microsoft paid us a metric crap-ton of money, but part of the agreement is that we wouldn't tell how much."

  5. In other news... by Scutter · · Score: 3, Funny

    ...an unnamed small Nevada hosting provider was the subject of an intense and unannounced BSA audit on Thursday...

    --

    "Tell me doctor, with all of your defenses, are there any provisions for an attack by killer bees?"
  6. Re:Could have been avoided by Anonymous Coward · · Score: 2, Insightful

    More importantly, it's absolutely *insane* that companies can seize other companies' assets like this. This is something only law enforcement should be able to do.

  7. How does it NOT? by Uberbah · · Score: 2

    If Microsoft wasn't the "bad guy", why offer a settlement less than two weeks later?

    I don't like Redmond

    For some reason I feel like doubting the sincerity of this statement.

  8. A real malware takedown... by UltraZelda64 · · Score: 2

    ...would be shutting down these god damn Windows machines that are infected zombies taking on the malicious tasks that this whole damn situation is about. No-IP is nothing without Microsoft's infected junk spewing garbage and infections all over the Internet. It's not like Microsoft doesn't hold the keys to immobilize a system running their own operating system anyway, they have the kill switch built right in to the OS before you even buy the license to run it in the form of WGA.

  9. The numbers never did add up by whoever57 · · Score: 2

    Microsoft portrayed No-IP as primarily a business making money from botnet operators, but Microsoft only listed a few hundred subdomain names that were implicated. Compared to what I imagine is hundreds of thousands, or millions (or tens of millions) of subdomain names that No-IP must support to have a viable business, it's a tiny fraction.

    --
    The real "Libtards" are the Libertarians!
    1. Re:The numbers never did add up by whoever57 · · Score: 3, Informative

      So I actually RTFA, and I see that it is 5 million subdomain names. That is a few hundred subdomains implicated as used by botnets against 5 million. It doesn't support a conclusion that No-IP was somehow in league with the botnet operators or that support for botnets was a significant part of No-IP's business.

      --
      The real "Libtards" are the Libertarians!
  10. Re:This was never about malware by lister+king+of+smeg · · Score: 2

    If you think about it, Microsoft has a close relationship with the NSA - see the _NSAKey scandal.
    Routing all traffic No-ip traffic through MS controlled servers, it can safely be assumed the data was routed to the NSA.
    The full list of no-ip names and associated internet addresses (and thus identities of the users) I think could be a very valuable thing for the government.
    It smells wrong.

    Um you could get their identity by traceing each dns entry to its ip address in most cases

    --
    ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
  11. A quick question, if I may? by Weaselmancer · · Score: 5, Insightful

    Who made Microsoft the fucking internet police anyway?

    --
    Weaselmancer
    rediculous.
  12. Re:Short version of article by JosKarith · · Score: 2

    When the 800-lb gorilla in the room gestures at you to drop your pants the only choice you have is whether he breaks your arm first or not...

    --
    'Don't worry' said the trees when they saw the axe coming, 'The handle is one of us.'