Nitol botnet


Nitol Infections Fall, But Malware Still Popping Up

When Microsoft went after the Nitol botnet in September, one of the key details in the investigation was the fact that much of the botnet was built by pre-loading malware onto laptops during the manufacturing process in China. This was the clearest case yet of the phenomenon of certified pre-owned devices making their way through the supply chain and into the market. As it turns out, nearly half a million of those infected machines showed up here in the U.S.

Nitol Botnet Shares Code with Other China-Based DDoS Malware

Microsoft has learned that much of the code used by the Nitol malware family is copied from free malware resources hosted on Chinese websites. Microsoft posted portions of the code online this week where similar lines used for denial of service attack functionality are present in Nitol and on the sites in question.

Microsoft Carries out Nitol Botnet Takedown

A botnet known as Nitol, built on the backs of PCs and laptops loaded with malware somewhere in the supply chain, was taken down by Microsoft. Microsoft’s Digital Crimes Unit was given permission this week by the U.S. District Court for the Eastern District of Virginia to take over the 3322.org domain and more than 70,000 sub-domains hosting the Nitol botnet. 

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.