Microsoft files case against, takes control of 22 domains

Continuing its crusade against global cybercrimes, Microsoft filed a civil case in the court against a U.S. company, named as and was granted control of 22 domains run by Microsoft said that Vitalwerks Internet Solutions, LLC (doing business as has been creating, controlling, and assisting in infecting millions of computers with malicious software.


This activity has harmed Microsoft, its customers and the public at large, said Microsoft. Apart from Microsoft has also named two foreign nationals, Mohamed Benabdellah and Naser Al Mutairi for their alleged role in spreading cybercrimes.

Domains of may have been compromised

Alleging that the domains of were being used by cybercriminals to manage and distribute malware, Microsoft said that cybercriminals are using them to infect computers with the Bladabindi (NJrat) and Jenxcus (NJw0rm) family of malware.

Sounding caution against free Dynamic DNS providers, Richard Domingues Boscovich, Assistant General Counsel, Microsoft Digital Crimes Unit, wrote on the company’s blog,

“Dynamic Domain Name Service (DNS) is essentially a method of automatically updating a listing in the Internet’s address book, and is a vital part of the Internet. However, if not properly managed, a free Dynamic DNS service like No-IP can hold top-rank among abused domain. Our research revealed that out of all Dynamic DNS providers, No-IP domains are used 93 percent of the time for Bladabindi-Jenxcus infections, which are the most prevalent among the 245 different types of malware currently exploiting No-IP domains”.

Microsoft said that it would be monitoring the 22 free No-IP domains, identifying and routing all known bad traffic to the Microsoft sinkhole and classify the identified threats. The information would then be added to the Microsoft’s Cyber Threat Intelligence Program (CTIP) and provided to Internet Service Providers (ISPs) and global Computer Emergency Response Teams (CERTs) to help repair the damage caused by Bladabindi-Jenxcus and other types of malware.

Update: David Finn, Executive director and associate general counsel of Microsoft’s Digital Crimes Unit, sent as email stating that due to a technical error, some customers whose devices were not infected by the malware has experienced a temporary loss of service.

While, the Free Dynamic DNS provider, has formally replied to Microsoft’s action, saying that Microsoft never contacted them even though they were open to any line of communication. “Had Microsoft contacted us, we could and would have taken immediate action. Microsoft now claims that it just wants to get us to clean up our act, but its draconian actions have affected millions of innocent Internet users”, said on their website.

Posted by with Tags
Ankit Gupta is a writer by profession and has more than 7 years of global writing experience on technology and other areas. He follows technological developments and likes to write about Windows & IT security. He has a deep liking for wild life and has written a book on Top Tiger Parks of India.

Leave a Reply

Your email address will not be published. Required fields are marked *

3 + 9 =