In August 2011 Microsoft began to investigate claims that pirated software, along with malware, was installed onto company's PCs in China. The company sent its employees to buy 10 laptops and 10 desktops from "PC Malls" in various cities in China. It turned out that 4 PCs were infected with malware.
One of the 4 PCs was infected with the Nitol virus, which installs a backdoor used for spam and DDoS attacks and was part of a botnet hosted at 3322.org. Microsoft's further investigation showed that there were around 500 different strains of malware on 70,000 sub-domains.
Microsoft was not successful in approaching the hosting company, so it decided to apply to take over the domain through the courts. Microsoft's Digital Crimes Unit asked the Eastern District of Virginia to allow it to disable these domains as part of "Operation b70", and has now been given permission, through a temporary restraining order, to take over control of the 3322.org domain and block the operation of the Nitol botnet and the other malware. As there are legitimate subdomains of 3322.org, Microsoft is filtering access with the help of Nominum, allowing traffic through to them while blocking access to malicious subdomains.