¿Quieres recibir una notificación por email cada vez que Cesarromero escriba una noticia?
"The order allows microsoft to host the 3322.org domain, which hosted the Nitol botnet, through microsoft 's newly created domain name system (DNS). This system enables microsoft to block operation of the Nitol botnet and nearly 70, 000 other malicious subdomains hosted on the 3322.org domain, while allowing all other traffic for the legitimate subdomains to operate without disruption, " he said in the post. microsoft discovered Nitol while investigating how cybercriminals are abusing the third party software supply chain with counterfeit software rigged with malware -- one of the vectors Nitol used to spread its bot malware.70-459Like any botnet takedown, the effects were immediate -- but likely only temporary. The 3322.org domain hosts about half of Nitol's domains. And nearly 86 percent of Nitol's servers operate out of China, and nearly 10 percent out of the U.S.Gunter Ollmann, vice president of research at Damballa, so far counts more than 70 different botnets that rely on the 3322.org microsoft domain for their command-and-control infrastructure, with some 407 domains within 3322.org being used for C&C. But the 3322.org domain is just one malicious domain among many: "Most of the 70-plus botnets have C&C in other Dynamic DNS hosting providers as backup. So takedown of 3322 .org is inconvenient, but not end-of-days, " Ollmann says. It will provide some insight into the infections and command-and-control, however, according to Ollmann.