The Inquirer-Home

Microsoft says No-IP accounts massacre was a technical error

Seized first, explained later
Wed Jul 02 2014, 06:46
Closed sign

MICROSOFT HAS SAID that the No-IP shuttering that led to criticism was partly down to a technical error.

Earlier this week Microsoft hit No-IP in order to stifle malware, but the knock-on effects led to criticism and talk of millions of innocent victims.

Microsoft closed the domains as part of its ongoing battle against cybercrime. In a blog post it said that it rounded on a company operating as No-IP for "creating, controlling, and assisting in infecting millions of computers with malicious software". It said that the network harmed Microsoft and everyone else.

"We're taking No-IP to task as the owner of infrastructure frequently exploited by cybercriminals* to infect innocent victims with the Bladabindi (NJrat) and Jenxcus (NJw0rm) family of malware," said Richard Domingues Boscovich, assistant general counsel for Microsoft's digital crimes unit.

"The social media-savvy cybercriminals have promoted their wares across the internet, offering step-by-step instructions to completely control millions of unsuspecting victims' computers to conduct illicit crimes - demonstrating that cybercrime is indeed a global epidemic."

Microsoft said it is sure of a big network and a serious threat to computers and finances. Domingues said that this would be the biggest clean-up operation that the Redmond firm has ever tackled, adding that it suspects an infected network that includes over seven million machines.

No-IP has responded to the seizure and its implication in the story with its own blog post that suggests that perhaps Microsoft could have contacted it in advance of the action and saved a whole lot of trouble.

"We were very surprised by this. We have a long history of proactively working with other companies when cases of alleged malicious activity have been reported to us," said the blog post.

"Unfortunately, Microsoft never contacted us or asked us to block any subdomains, even though we have an open line of communication with Microsoft corporate executives."

According to No-IP, Microsoft told it that it will only filter out the bad domains in the network and let the good ones roam free. However, it said that this is not happening and suggested that Microsoft cannot handle the load.

"Apparently, the Microsoft infrastructure is not able to handle the billions of queries from our customers. Millions of innocent users are experiencing outages to their services because of Microsoft's attempt to remediate hostnames associated with a few bad actors," it added.

"Had Microsoft contacted us, we could and would have taken immediate action. Microsoft now claims that it just wants to get us to clean up our act, but its draconian actions have affected millions of innocent internet users."

The firm added that it has a strict abuse policy, but does still suffer from miscreants at times.

Microsoft has since contacted us and said that the mass takedown was down to a "technical error", but again, this has led to criticism."Yesterday morning, Microsoft took steps to disrupt a cyber-attack that surreptitiously installed malware on millions of devices without their owners' knowledge through the abuse of No-IP, an Internet solutions service," said a Redmond spokesperson.

"Due to a technical error, however, some customers whose devices were not infected by the malware experienced a temporary loss of service. As of 6 a.m. Pacific time today, all service was restored. We regret any inconvenience these customers experienced."

No-IP, has responded to this on Twitter, explaining that services were not restored at 6am, and calling the Redmond outfit's claim "not true".

An update to its reaction post to Microsoft's earlier moves said that the downtime was "completely out of its hands."

"We apologise for this outage. At this point it is completely out of our hands, but please understand that we are fighting for you," it said. µ

*We are aware of the irony in this statement.


Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Existing User
Please fill in the field below to receive your profile link.
Sign-up for the INQBot weekly newsletter
Click here
INQ Poll

Microsoft Windows 10 poll

Which feature of Windows 10 are you most excited about?