In a recent civil suit, Microsoft named two foreign nationals, Mohamed Benabdellah and Naser Al Mutairi, and the U.S. domain hosting company Vitalwerks Internet Solutions, for their roles in creating malicious software that has infected millions of computers, including Microsoft customers. Vitalwerks operates as No-IP.com, a free domain-name service.
The suit was filed 19th June in a federal court in Nevada and was unsealed Monday.
The case reveals a level of activity in the origination of malware that typically is confined to Eastern Europe.
Microsoft calls its action the company’s third malware disruption since unveiling its Microsoft Cybercrime Centre late last year.
The case is focused on the family of malware known as Bladabindi and Jenxcus. The malware was promoted via social media, Microsoft said, and was spread through No-IP.
On 26th June the Nevada court made Microsoft the authority for No-IP’s domains. Microsoft said it has seen over the past year more than 7.4 million cases of Bladabindi-Jenxcus malware, which can take control of people’s computers, steal passwords, and turn on webcams and microphones.
No-IP has not created the malware, Microsoft said, but the service has not taken adequate steps to keep its domains safe from malicious activity. “We’re taking No-IP to task as the owner of infrastructure frequently exploited by cybercriminals,” Richard Domingues Boscovich, assistant general counsel at Microsoft’s Digital Crimes Unit, said in a blog post.
Microsoft said the case and operation were ongoing.