Nitol Botnet

The Nitol botnet is mostly involved in spreading malware and in distributed denial-of-service attacks.


History

The Nitol Botnet was first discovered around December 2012, with analysis indicating that the botnet is mostly prevalent in China, where an estimated 85% of the infections are detected. In China the botnet was found to be present on systems that came brand-new from the factory, indicating the trojan was installed somewhere during the assembly and manufacturing process. According to Microsoft, the systems at risk also contained a counterfeit installation of Microsoft Windows.

On 10 September 2012 Microsoft took action against the Nitol Botnet by obtaining a court order and subsequently sinkholing the 3322.org domain. The 3322.org domain is a dynamic DNS service that was used by the botnet creators as command and control infrastructure for controlling their botnet. Microsoft later settled with 3322.org operator Pen Yong, which allowed the latter to continue operating the domain on the condition that any subdomains linked to malware remain sinkholed.


See also

* Internet crime
* Internet security


External links


* Analysis of the Nitol Botnet, created by Microsoft as part of Operation b70