Operation b70 continues with a new episode, as Microsoft reached a settlement with Peng Yong, owner of the 3322.org domain, to block all malware in the Nitol botnet.
Back in September
, the Redmond-based technology giant filed a lawsuit against the owner of the 3222.org website, claiming that it hosts more than 500 versions of the Nitol malware on a total of 70,000 subdomains.
While some forms of malware could be preinstalled on computers with pirated Windows software, others could even turn on the PC camera and the microphone, while also recording computer activity.
Microsoft said that its employees would work together with Yong and the Chinese Computer Emergency Response Team to send all malware to a sinkhole computer managed by CN-CERT.
“Since the case is settled, all evidence and discovery collected during Microsoft’s investigation will be handed over to CN-CERT, who will work with the defendant to identify the people behind the malicious subdomains pursuant to Chinese law,” Richard Domingues Boscovich, assistant general counsel, Microsoft Digital Crimes Unit, said
in a statement.
Yong will also have to add subdomains to the block list and even provide information about the owners of infected computers in China. All of them will be assisted to remove the malware from their machines, Microsoft explained.
“Microsoft began sharing the infected IP information to the Shadow Server Foundation in order to reach as many of the Internet Service Providers (ISPs) whose customers were identified as victims. Also, Microsoft initiated data sharing with more than 40 impacted countries through their respective Computer Emergency Response Teams (CERTs) to accelerate victim clean-up efforts,” Boscovich concluded.