Microsoft Disrupts Nitol Botnet

hypnosec writes "Having procured permission from the U.S. District Court for the Eastern District of Virginia, Microsoft's Digital Crimes Unit managed to disrupt more than 500 different strains of malware in a bid to slow down the threats posed by the Nitol botnet. Microsoft, through an operation codenamed b70 (PDF), discovered Chinese retailers were involved in selling computers with a pirated version of Windows loaded with malware. Microsoft believes the malware could have entered the supply chain at any point, for the simple reason that a computer travels among companies that transport and resell the computer. The Windows 8 maker carried out a study focused on the Nitol botnet, through which it found nearly 20 percent of all the PCs that were purchased through insecure Chinese supply chains were infected with malware."

Who?

[ISoldat53]

I couldn't find in the article who was importing, selling or reselling the affected machines. They mention one individual but not his company.

Re:Who?

[jason.sweet]

According to the article and summary, someone is installing the malware before selling the computer. How can an OS defend against that? Is that Clippy supposed to pop up and ask "You look like a bad guy! Are you sure you want to install this software?"

Re:

[Stan92057]

Thats all you got out of the article?? "The Windows 8 maker" Your fanboyism is showing.

Re:

[Hazel Bergeron]

used a real security model, locked down the system, and there would be no malware, no virus, no antivirus, no UEFI, no nothing today.

And a pony in perpetual motion. Never forget that.

Re:

[ZiakII]

they could have used a real security model, locked down the system, and there would be no malware, no virus, no antivirus, no UEFI, no nothing today.

o boy..... what did I just read? I don't know whether to laugh or actually sigh that you somehow actually somehow believe that drivel that you posted.

Re:Agreed - he's a "Pro-*NIX" moron... apk

[Hazel Bergeron]

apk, I have the "utmost respect" for people regardless of their "background", as such...

but I have a question => as follows:

Could you please tell me why your posts: * are written like this *

HB

With lots of paragraphs comprising long sentences & punctuation! and the occasional bit of emphasis? ... it reminds me of a friend I had who was "recovering" from a drug addiction and he would go off on these long and somewhat incoherent rambles ...

He wasn't "stupid" <= by any stretch of the imagination but you could tell that he was having trouble sorting out thoughts (or at least expressing them (etc.))!

Anyway, it is a simple question: why do you write with this style?

It gives me this feeling like when I sit next to the guy on the bus who clearly can't cope very well and you know he's harmless but you wonder exactly what made him like this and you want to ask him but you are worried he might get attached and * well you know * next thing you'll be inviting him to your house and it's hard to be a good HOST (if you know what I mean)..

... hb

Re:

[Hazel Bergeron]

ACL's which MAC is basically an analog of

P.S. => ++ACL is an anagram of MAC.

Re:

[mcgrew]

Anyway, it is a simple question: why do you write with this style?

I don't know, but can only hypothesize that he's a teenager trying to look "kewl". He doesn't realise how ignorant and foolish it makes him look.

Re:

[KingMotley]

Totally. And only if the auto industry had implemented perpetual motion devices in cars today, then we'd no longer have to buy oil from the middle east.

Re:

[Urza9814]

of course there is one flaw in the plan. the overweight always have excuses why it's not their fault that they eat more calories than they burn. they might get more creative and start coming up with excuses for why they couldn't be bothered to undergo liposuction. perhaps it could be made mandatory? or maybe tax credits could incentivize it? i am open to ideas of course.

REALLY? THAT's the problem you see with this plan??? Seriously???

Obviously the companies that are then selling this extracted fat will provide a free tub of ice cream for every 20 pounds "donated". Or a bag of Doritos.

Re:

[geekoid]

They are slipping the virus into the OS instillation disk, how exactly would a "locked down system" stop that? No system can stop that.

"So today they "disrupted" (nonsense word) a botnet? "
what? disrupted isn't a nonsense word, in fact in this case, it's appropriate.

You might want to study the botnet ecology.

Re:

[mcgrew]

If only back in 1998 when Microsoft knew that Windows 95 was open to all malware, if they'd modified their thinking.

Instead of "let's make it so Win3.1 software can run on all our machines" and "Let's make it so Win95 can run on all our machines" and ropagating that so EVEN THE Win2K (NT) kernel was vulnerable... ...they could have used a real security model, locked down the system, and there
would be no malware, no virus, no antivirus, no UEFI, no nothing today.

Locking down the system means no new software.

Re:

[Dogtanian]

In 1995 nobody envisioned computers being in everyone's home and connected to the internet. Back then, a PC was a single-user device on its own or a local network.

Wrong- the Internet was already starting to break into the public consciousness by 1994, with a mainstream-oriented news/analysis programme about it [wikipedia.org] on British TV by the middle of the year, and mainstream magazines such as this one [wikipedia.org] coming out shortly afterwards.

Windows 95 came out in late 1995, by which time the Internet was becoming quite well-known about; the man on the street had probably heard about it, even if most non-geeks didn't have net access yet. MS hoped they could corral users into using thei

Re:20% vs. 100%

[Krojack]

Knock on wood, I haven't seen a BSOD on any of my Win7 installs yet and I've been running it for about 2.5 years. Also what bloat? Honestly there isn't any on a good install. Unless you're installing a Server version with every service possible on what will be used as a workstation, there isn't any bloat with a fresh install. Now on the other hand, if you install any Symantec products such as Nortan Antivirus, yeah you're screwed then with bloat.

Maybe you have some hardware problems? Buying those cheap Chinese computer parts maybe?

Re:

[Bigbutt]

Pretty regularly, almost daily in fact. But it's the crappy AMD drivers, not Windows that's the culprit.

[John]

Re:20% vs. 100%

[mcgrew]

Also what bloat?

Ah, the inexperience of youth. I haven't seen a program or OS in twenty years that wasn't bloated. There was bloat even back in the DOS days -- I had a program I wrote and ran on a 16k computer. I rewrote it in Clipper, and the 16k program, after it compiled, was over 400k. That is bloat!

I wrote a battle tanks game on a 4k Sinclair computer (in hand-assembled machine code since there was no assembler) that took maybe 500 bytes. There is a Windows version that is nearly identical in gameplay and features to the one I wrote, except it's in color (the Sinclair had no color) and it's 4 megs -- a thousand times as big as the one I wrote. If that's not bloat, I don't know what is.

However, ALL of today's OSes and apps are bloated. Even damned web pages are bloated! It isn't just MS, it's the times themselves.

In my day

[anilg]

16K? Luxury!

The Babbage machine was the only true computer without bloat.

Re:

[mcgrew]

16K? Luxury!

Compared to the Altair, yes it was. IINM that one had 256 bytes total memory.

Re:

[Trilkin]

Oh yeah? [megaupload.com]

You think location matters if people with enough money on the line care enough? Please.

"The Windows 8 maker"

[Zibodiz]

The Windows 8 maker

...did they really need to point that out? It has no bearing on the story whatsoever.

Re:

[Krojack]

Not 20% of all windows PCs. 20% of all the PCs that were purchased through unsecure Chinese supply chain. Read the entire line you quoted next time.

Stole a domain?

[Anonymous Coward]

If I'm reading it right, they took down the botnet by having a US court take it's domain, was that a Chinese owned (.org) domain? I'm all for shutting down botnets, but to me it looks like they said to a US court that XYZ in that other country did something I didn't like, can I take control of their foreign website? I'd hate to see this be used against legitimate foriegn sites.

Linux ad

[ThatsNotPudding]

Newspapers landing on the front porch with headlines of this story.

Voice-over: "This is why you should have a right to buy a computer without an OS."

Corporation does law enforcement?

[Anonymous Coward]

Am I the only person who is worried about a corporation taking over "cyber" issues as a law enforcement agency? I know there are loopholes that let MS act on behalf of the federal government (I saw an explanation of this once, but don't remember the details), but now MS is a world-wide law enforcement agency taking down anyone and everyone they want to? They've been convicted of a monopoly, funded the SCO legal actions, and are virulently anti-free software. And they've just released Windows 8, which takes

Botnet article, PDF link

[symbolset]

Some things never change.

20% seems low

[Rincewind42]

Living in China I see that pirated versions of Microsoft Windows and Office, are the norm not the exception. It is actually difficult to buy the legit software. I remember hunting all over several cities looking for a real Windows 7 CD when it first came out to no avail. If you want the real software, there are only a few PC suppliers who ship with it pre installed. Small local dealers will use pirated software. But the problem is exacerbated because of peoples love for the familiar. Most people in China st