Microsoft Disrupts the Nitol Botnet to Protect Millions from an Emerging Threat

  • Article

Hello,

Because we share an interest in cybersecurity and public safety threats, I wanted to reach out to let you know that the Microsoft Digital Crimes has significantly helped stop the spread of the developing Nitol botnet and, as a result of this proactive action, disrupted an additional 500 different strains of malware.  These threats had the potential to target millions of innocent people. 

Codenamed “Operation b70,” this action grew out of a study conducted by Microsoft researchers on the rise of an emerging cybercrime tactic:  the infiltration of unsecured supply chains to introduce counterfeit software that carries infectious malware. By embedding malware into unsecure supply chains, cybercriminals infect unknowing consumers. Once infected by malware,  consumers are at risk of criminals stealing their personal information to access and abuse their online services, including email, social networking accounts, and online bank accounts.  These abuses include sending of fake emails and social media posts to the victim’s family, friends, and co-workers to scam them out of money, sell them dangerous counterfeit drugs, and infect their computers with malware. 

A supply chain, or a system that gets a product from the manufacturer to a consumer, becomes unsecure when a distributor or reseller receives or sells products from unknown or unauthorized sources. The discovery and successive action against the Nitol botnet stemmed from a Microsoft study looking into unsecured supply chains.  The study confirmed that cybercriminals preload computer hardware sold to consumers with counterfeit software that is infected with malware.  In fact, four of the twenty computers in our research of an unsecured supply chain were infected with malware – that’s a twenty percent infection rate. Making matters worse, the malware can often spread through devices like USB flash drives, transforming an innocent file exchange  into an infectious and dangerous transaction.  This allows malware to spread much like an infectious disease, except there are no visible symptoms to alert a person that they’re in danger or that they could spread the infection to any one or any business that an infected person comes into contact with.

More information about today’s news can be found on the Official Microsoft Blog and on the Microsoft Digital Crimes Unit newsroom.  Please let me know if you have any questions or would like to speak to someone about this development.

See you soon,

Alexandre Marins