Microsoft launches operation against Kuwaiti hackers

US tech giant says malware produced in Kuwait & Algeria is most high-profile ever outside Eastern Europe.

(Getty Images)

(Getty Images)

US technology giant Microsoft has reportedly launched a massive anti-cybercrime operation targeting hackers in Kuwait and Algeria.

The operation will target traffic involving malicious software known as Bladabindi and Jenxcus, which Microsoft said work in similar ways and were written and distributed by developers in Kuwait and Algeria.

In what the company says is the most high profile case of malware written by developers outside of Eastern Europe, the malware could have infected as many as 20 million computers worldwide; 7.5 million have been detected by Microsoft anti-virus software, which is only installed on about 30 percent on computers, according to Reuters.

The operation has been ordered by a US court and will disrupt communication channels between hackers and infected computers.

According to court documents cited by Reuters, the malware has dashboards with point-and-click menus to execute functions such as viewing a computer screen in real time, recording keystrokes, stealing passwords and listening to conversations.

The developers used social media, including videos on YouTube and a Facebook page, to lure in unsuspecting victims.

The court order allows Microsoft to disrupt communications between infected machines and Reno, Nevada-based Vitalwerks Internet Solutions.

Assistant general counsel of Microsoft's cybercrime-fighting Digital Crimes Unit said about 94 percent of all machines infected with the two viruses communicate with hackers through Vitalwerks servers. Criminals use Vitalwerks as an intermediary to make it more difficult for law enforcement to track, he said.

The court ordered the registries that direct internet communications to send suspected malicious traffic to Microsoft servers in Redmond, Washington, instead of to Vitalwerks.

In an operation that begins Monday, Boscovich said, Microsoft will filter out communications from PCs infected with another 194 types of malware also being filtered through Vitalwerks.

Vitalwerks said Microsoft's actions have disrupted service for millions of internet users.

"Vitalwerks and (operational subsidiary) No-IP have a very strict abuse policy. Our abuse team is constantly working to keep the No-IP system domains free of spam and malicious activity," spokeswoman Natalie Goguen said in a statement.

Microsoft has not accused Vitalwerks of involvement in any cybercrime, though it alleges the company failed to take proper steps to prevent its system from being abused.

Related:
Join the Discussion

Disclaimer:The view expressed here by our readers are not necessarily shared by Arabian Business, its employees, sponsors or its advertisers.

Please post responsibly. Commenter Rules

  • No comments yet, be the first!

All comments are subject to approval before appearing

Further reading

Features & Analysis
Inside Google's brave new world

Inside Google's brave new world

The $500bn technology giant is extending its reach into hardware...

Under attack: how to beat the hackers

Under attack: how to beat the hackers

The smarter technology gets the more opportunities there are...

After all the hype, what's the future for Hyperloop One

After all the hype, what's the future for Hyperloop One

Los Angeles-based Hyperloop One may have struck a deal this month...

1
Most Discussed
sponsoredTracking