Microsoft has taken legal action to combat the spread of malware that the company says can be traced to bad actors in Kuwait and Algeria.
In a recent civil suit, Microsoft named two foreign nationals, Mohamed Benabdellah and Naser Al Mutairi, and the U.S. domain hosting company Vitalwerks Internet Solutions, for their roles in creating malicious software that has infected millions of computers, including Microsoft customers. Vitalwerks operates as No-IP.com, a free domain-name service.
The suit was filed June 19 in a federal court in Nevada and was unsealed Monday.
The case reveals a level of activity in the origination of malware that typically is confined to Eastern Europe, “demonstrating that cybercrime is indeed a global epidemic,” said Richard Domingues Boscovich, assistant general counsel at Microsoft’s Digital Crimes Unit, in a blog post.
Microsoft calls its action the company’s third malware disruption since unveiling its Microsoft Cybercrime Center late last year.
The case is focused on the family of malware known as Bladabindi and Jenxcus. The malware was promoted via social media, Microsoft said, and was spread through No-IP.
On June 26 the Nevada court made Microsoft the authority for No-IP’s domains. Microsoft said it has seen over the past year more than 7.4 million cases of Bladabindi-Jenxcus malware, which can take control of people’s computers, steal passwords, and turn on webcams and microphones.
No-IP has not created the malware, Microsoft said, but the service has not taken adequate steps to keep its domains safe from malicious activity. “We’re taking No-IP to task as the owner of infrastructure frequently exploited by cybercriminals,” Boscovich said.
Microsoft said the case and operation were ongoing.