As you may have seen from Reuters, the Microsoft Digital Crimes Unit (DCU) announced its tenth malware disruption on June 30th, the third since the opening of the Cybercrime Center in November.
To protect its customers, Microsoft filed a civil case against Dynamic DNS provider No-IP and two foreign nationals for their roles in spreading dangerous malware amongst millions of unsuspecting Dynamic DNS customers and others online. With malware origins in the Middle East, this case is a clear example of the globalization of cybercrime.
Microsoft accused No-IP of negligence for being lax in its proactive security measures, allowing the criminals to exploit the service. It named Kuwaiti national Naser Al Mutairi and Algerian national Mohamed Benabdellah for the authorship and distribution of Bladabindi and Jenxcus malware, respectively. Both authors leveraged social media to promote the malware and its use, offering detailed instructions on how to infiltrate the computers of unsuspecting victims, thereby infecting millions of computers worldwide.
Microsoft is committed to keeping people safe online, playing offense against online cybercriminals. This case was pursued because of the high volume of infections among Microsoft customers; Microsoft anti-virus products detected the malware more than 7 million times in the past year. The new threat information will be added to Microsoft’s Cyber Threat Intelligence Program (CTIP) and provided to Internet Service Providers (ISPs) and global Community Emergency Response Teams (CERTs) to help customers repair the damage caused by Bladabindi-Jenxcus and other types of malware.