Microsoft and malicious domain operator settle

Share this article:

After filing a suit last month, Microsoft has reached a settlement with a domain operator linked to the Nitol botnet.

Under the terms of the settlement, Peng Yong, the operator of, which not only hosted Nitol but also hundreds of malware strains, has agreed to work with Microsoft and the Chinese Computer Emergency Response Team (CN-CERT).

Yong has denied knowing about any malicious activity that may have taken place on the domain and subdomains. which was outlined in the original complaint. As part of the settlement, Microsoft has dropped the suit against Yong.

Yong, his company Changzhou Bei Te Kang Mu Software Technology, and accomplices listed as “John Does” were named as defendants in the case. 

On Sept. 10, the U.S. District Court in Alexandria, Va. granted a restraining order that allowed Microsoft to host the domain instead of Yong.

Microsoft's launched its takedown effort, codenamed “Operation b70,” after discovering computers of company employees in China were pre-loaded with malware somewhere along the supply chain.

In a post Tuesday on Microsoft's TechNet blog, Richard Boscovich, the assistant general counsel for Microsoft's Digital Crimes Unit, said that since the case was settled, all evidence would be handed over to CN-CERT.

“[CN-CERT] will work with the defendant to identify the people behind the malicious subdomains pursuant to Chinese law,” Boscovich wrote. “We're very pleased by this outcome, which will help guarantee that the 70,000 malicious subdomains associated with will never again be used for cybercrime.”

As part of the settlement, Yong also agreed to direct all malicious communications within the botnet to a sinkhole  to be managed by CN-CERT, and to add new subdomains associated with malware to a block-list.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Kevin Mitnick to sell zero-day exploits

Kevin Mitnick's new venture will develop and procure zero-day exploits, then sell them for $100,000 or more.

FBI warns of potential cyber attacks launched by ISIS hacktivists

Following U.S. military airstrikes in the Middle East, the FBI has issued a warning regarding possible cyber threats aimed at U.S. networks and critical infrastructure by hacktivists in support of ISIS.

Report: 75 million records compromised so far in 2014

Report: 75 million records compromised so far in ...

An updated report indicates that since this time last year, breaches have increased by 29.4 percent, with 568 breaches occurring this year.