Nitol botnet

The Nitol botnet is a botnet mostly involved in spreading malware and distributed denial-of-service attacks.^[1]^[2]

History

The Nitol Botnet was first discovered around December 2012, with analysis of the botnet indicating that the botnet is mostly prevalent in China where an estimate 85% of the infections are detected.^[3]^[4] In China the botnet was found to be present on systems that came brand-new from the factory, indicating the trojan was installed somewhere during the assembly and manufacturing process.^[5] According to Microsoft the systems at risk also contained a counterfeit installation of Microsoft Windows.^[3]

On 10 September 2012 Microsoft took action against the Nitol Botnet by obtaining a court order and subsequently Sinkholing the 3322.org domain.^[6]^[7] The 3322.org domain is a Dynamic DNS which was used by the botnet creators as a command and control infrastructure for controlling their botnet.^[8] Microsoft later settled with 3322.org operator Pen Yong, which allowed the latter to continue operating the domain on the condition that any subdomains linked to malware remain sinkholed.^[9]

References

↑ Lua error in package.lua at line 80: module 'strict' not found.
↑ Lua error in package.lua at line 80: module 'strict' not found.
↑ ^3.0 ^3.1 Lua error in package.lua at line 80: module 'strict' not found.
↑ Lua error in package.lua at line 80: module 'strict' not found.
↑ Lua error in package.lua at line 80: module 'strict' not found.
↑ Lua error in package.lua at line 80: module 'strict' not found.
↑ Lua error in package.lua at line 80: module 'strict' not found.
↑ Lua error in package.lua at line 80: module 'strict' not found.
↑ Lua error in package.lua at line 80: module 'strict' not found.

External links

Analysis of the Nitol Botnet, created by Microsoft as part of Operation b70

This malware-related article is a stub. You can help Wikipedia by expanding it.

[networkworld-1] Lua error in package.lua at line 80: module 'strict' not found.

[Technet_Counterfeit-2] Lua error in package.lua at line 80: module 'strict' not found.

[Technet-3] 3.0 ^3.1 Lua error in package.lua at line 80: module 'strict' not found.

[ThreatpostTakedown-4] Lua error in package.lua at line 80: module 'strict' not found.

[5] Lua error in package.lua at line 80: module 'strict' not found.

[6] Lua error in package.lua at line 80: module 'strict' not found.

[7] Lua error in package.lua at line 80: module 'strict' not found.

[Damballa-8] Lua error in package.lua at line 80: module 'strict' not found.

[9] Lua error in package.lua at line 80: module 'strict' not found.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

v t e Botnets
Notable botnets	Akbot Asprox Bagle Bredolab Cutwail Conficker Donbot Festi Flame Grum Gumblar Kelihos Koobface Kraken Lethic Mariposa Mega-D Metulji Nitol Rustock Sality Slenfbot Srizbi Storm TDL-4 Torpig Virut Waledac ZeroAccess Zeus
Main articles	Browser security Computer virus Computer worm Malbot Internet security Malware Man-in-the-browser Network security Operation: Bot Roast Trojan horse

Nitol botnet

Contents

History

See also

References

External links

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Tools