Chinese Cybercrime Site Cleans Up
  • Korea IT Times (info@koreaittimes.com)
  • Approved 2012.10.08 19:07

Cybercriminals try to steal login names and passwords for online banks

CALIFORNIA, USA – A Chinese company that ran a web-hosting firm that was a favourite among cybercriminals has agreed to clean up its act.

Hosting firm 3322.org's web domains were seized by Microsoft as it investigated a cybercrime gang.

Microsoft found evidence that 70,000 of the web domains overseen by 3322.org were malicious.

Peng Yong, owner of 3322.org, has now pledged to help Microsoft stem abuse of its web space.

Traffic analysis

Chinese hosting firm 3322.org came to Microsoft's notice during its efforts to track down the fraudsters behind the Nitol botnet.

A botnet is a network of PCs that cybercriminals have taken over using viruses or loopholes in popular programs. Spam, phishing and website attacks are often run through these botnets.

Called Operation b70, Microsoft's investigation found that some PCs were being sold with malicious code already installed on them. The cybercriminals behind Nitol managed this feat by infiltrating insecure supply chains to install the malware.

The creators of Nitol had rented webspace from 3322.org and were using it as a command and control system for their growing collection of infected PCs.

Microsoft's investigation uncovered extensive abuse of 3322.org domains and prompted it to take legal action to seize the domains - many of which were found on US servers.

Since it seized the web domains in mid-September, Microsoft said almost eight million infected machines had tried to contact one or more of the 70,000 malicious domains.

As part of a legal settlement to regain control of 3322.org, founder Peng Yong has given assurances that he will work with Microsoft and China's central computer security agency to limit abuse of the site's domains.

In addition, the 70,000 malicious domains have been mothballed and traffic for them will be routed into what is known as a "sinkhole" so they can be analysed by cybercrime investigators.

Work has also begun to identify the individuals and gangs behind the malicious domains.

Source: BBC News

http://www.bbc.com/news/technology-19844158

