Forgot your password?
typodupeerror
Microsoft The Courts The Internet

Microsoft Settles With No-IP After Malware Takedown 83

Posted by timothy
from the semi-mulligan dept.
Trailrunner7 (1100399) writes It's been a weird couple of weeks for Microsoft. On June 30 the company announced its latest malware takedown operation, which included a civil law suit against Vitalwerks, a small Nevada hosting provider, and the seizure of nearly two dozen domains the company owned. Now, 10 days later, Microsoft has not only returned all of the seized domains but also has reached a settlement with Vitalwerks that resolves the legal action. Some in the security research community criticized Microsoft harshly for what they saw as heavy handed tactics. Within a few days of the initial takedown and domain seizure Microsoft returned all of the domains to Vitalwerks, which does business as No-IP.com. On Wednesday, the software giant and the hosting provider released a joint statement saying that they had reached a settlement on the legal action. "Microsoft has reviewed the evidence provided by Vitalwerks and enters into the settlement confident that Vitalwerks was not knowingly involved with the subdomains used to support malware. Those spreading the malware abused Vitalwerks' services," the companies said in a joint statement. "Microsoft identified malware that had escaped Vitalwerks' detection. Upon notification and review of the evidence, Vitalwerks took immediate corrective action allowing Microsoft to identify victims of this malware. The parties have agreed to permanently disable Vitalwerks subdomains used to control the malware."
This discussion has been archived. No new comments can be posted.

Microsoft Settles With No-IP After Malware Takedown

Comments Filter:
  • "Sorry about that" (Score:5, Informative)

    by Anonymous Coward on Thursday July 10, 2014 @01:45PM (#47425477)
    "We did the thing we should have done in the first place after some guys pointed out what a bunch of dumb motherfuckers we'd been."
  • by Anonymous Coward

    It's the law. According to an American judge.

  • Complete clusterfuck (Score:5, Interesting)

    by ShaunC (203807) on Thursday July 10, 2014 @01:58PM (#47425597)

    Microsoft identified malware that had escaped Vitalwerks' detection. Upon notification and review of the evidence, Vitalwerks took immediate corrective action allowing Microsoft to identify victims of this malware.

    Yeah, if waking up one day to find that most of your business has been handed over to another company is what passes for "notification" these days.

    I hope Microsoft paid them handsomely.

    • Microsoft identified malware that had escaped Vitalwerks' detection. Upon notification and review of the evidence, Vitalwerks took immediate corrective action allowing Microsoft to identify victims of this malware.

      Yeah, if waking up one day to find that most of your business has been handed over to another company is what passes for "notification" these days. I hope Microsoft paid them handsomely.

      For the land of the free, judicial misbehavior never seems to be mentioned when due a mention while it is blared from the rooftops when they rule correctly. IT SEEMS to me that the most important target of criticism here is missing since Microsoft went to--and got--an order by an authority, who should have had the compe

      • They were disabling the domains not selling them to another company to use. And it seems like this incident was settled by using the protections built into the judicial system. In the end the company was compensated and MS got the offending domains disabled. The bigger question is why does MS even make the effort to root out malware and shut it down? Identifying and taking down malware networks benefits everyone using the internet not just MS.

  • by Anonymous Coward

    If only the idiot judge that approved the request for injunction had demanded to see some factual evidence that No-IP was actively aiding from the two bot herders also listed in the motion instead of just taking Microsoft's flimsy insinuations for it. Plus, it might have helped if the judge had given No-IP the chance to defend themselves before court instead of permitting the ex-parte session.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      More importantly, it's absolutely *insane* that companies can seize other companies' assets like this. This is something only law enforcement should be able to do.

  • by portwojc (201398) on Thursday July 10, 2014 @02:11PM (#47425671) Homepage

    I always find it funny to see Microsoft using legal actions to fight malware rather than just fix the problem...

    • by John Bokma (834313) on Thursday July 10, 2014 @02:22PM (#47425781) Homepage
      I am no longer surprised that even at a tech site people really think that malware is a MS-only issue...
    • When lawyers make decisions, the decision is always 'Pay some lawyers!' Never 'Pay some engineers!'

  • by Scutter (18425) on Thursday July 10, 2014 @02:18PM (#47425733) Journal

    ...an unnamed small Nevada hosting provider was the subject of an intense and unannounced BSA audit on Thursday...

    • ...an unnamed small Nevada hosting provider was the subject of an intense and unannounced BSA audit on Thursday...

      I get the feeling that the actual headline is "Vitalwerks staff vacationing in the Caribbean for the next couple of months".

  • by N3tRunner (164483) *
    Even if they may have jumped the gun in this case, at least somebody's out there trying to do some enforcement.
    • I run an ISP. Is it kosher for me to block all IE browser traffic? After all, IE is one of the largest vectors of malware infections on earth. At least I'd be "out there doing some enforcement."

      Microsoft enforcement policy: "Ready! Fire! Aim!"

      BTW, I didn't see where Microsoft apologized for their actions to the Internet community.
  • by UltraZelda64 (2309504) on Thursday July 10, 2014 @02:50PM (#47426013)

    ...would be shutting down these god damn Windows machines that are infected zombies taking on the malicious tasks that this whole damn situation is about. No-IP is nothing without Microsoft's infected junk spewing garbage and infections all over the Internet. It's not like Microsoft doesn't hold the keys to immobilize a system running their own operating system anyway, they have the kill switch built right in to the OS before you even buy the license to run it in the form of WGA.

  • by whoever57 (658626) on Thursday July 10, 2014 @02:57PM (#47426063) Journal
    Microsoft portrayed No-IP as primarily a business making money from botnet operators, but Microsoft only listed a few hundred subdomain names that were implicated. Compared to what I imagine is hundreds of thousands, or millions (or tens of millions) of subdomain names that No-IP must support to have a viable business, it's a tiny fraction.
  • Azure doesn't scale. The load placed on if by redirecting the domains was probably far less than the surge that a suddenly-popular web host might encounter, yet it failed miserably.

    Microsoft might not have to pay any monetary damages for the havok they caused, but they might get a hit to their pocketbooks anyway.

    People looking to move their operations to the "cloud" would do well to look at this performance, and consider what might happen to *their* traffic...

    • by Anonymous Coward

      It wasn't a load problem. The setup was just wrong (recursive resolvers used as authoritative servers didn't answer non-recursive queries correctly). It wouldn't have worked if Microsoft had given it all the CPU power and network capacity in the world. Garbage in, garbage out.

      • Re: (Score:2, Interesting)

        by whoever57 (658626)

        It wasn't a load problem. The setup was just wrong (recursive resolvers used as authoritative servers didn't answer non-recursive queries correctly). It wouldn't have worked if Microsoft had given it all the CPU power and network capacity in the world. Garbage in, garbage out.

        The takeaway is either:

        1. No business should use Azure because Azure doesn't scale. OR:
        2. No business should rely on Microsoft services, because Microsoft does not have the necessary competence.

        This is only the latest in a line o

  • by Weaselmancer (533834) on Thursday July 10, 2014 @03:39PM (#47426391)

    Who made Microsoft the fucking internet police anyway?

    • <i>Who made Microsoft the fucking internet police anyway?</i>

      A judge who clearly needs to be impeached for wild and willful violation of the Fifth Amendment.

Our business in life is not to succeed but to continue to fail in high spirits. -- Robert Louis Stevenson

Working...