US tech giant says malware produced in Kuwait & Algeria is most high-profile ever outside Eastern Europe.
US technology giant Microsoft has reportedly launched a massive anti-cybercrime operation targeting hackers in Kuwait and Algeria.
The operation will target traffic involving malicious software known as Bladabindi and Jenxcus, which Microsoft said work in similar ways and were written and distributed by developers in Kuwait and Algeria.
In what the company says is the most high-profile case of malware written by developers outside of Eastern Europe, the malware could have infected as many as 20 million computers worldwide; 7.5 million have been detected by Microsoft anti-virus software, which is only installed on about 30 percent of computers, according to Reuters.
The operation has been ordered by a US court and will disrupt communication channels between hackers and infected computers.
According to court documents cited by Reuters, the malware has dashboards with point-and-click menus to execute functions such as viewing a computer screen in real time, recording keystrokes, stealing passwords and listening to conversations.
The developers used social media, including videos on YouTube and a Facebook page, to lure in unsuspecting victims.
The court order allows Microsoft to disrupt communications between infected machines and Reno, Nevada-based Vitalwerks Internet Solutions.
Boscovich, assistant general counsel of Microsoft's cybercrime-fighting Digital Crimes Unit, said about 94 percent of all machines infected with the two viruses communicate with hackers through Vitalwerks servers. Criminals use Vitalwerks as an intermediary to make it more difficult for law enforcement to track them, he said.
The court ordered the registries that direct internet communications to send suspected malicious traffic to Microsoft servers in Redmond, Washington, instead of to Vitalwerks.
In an operation that begins Monday, Boscovich said, Microsoft will filter out communications from PCs infected with another 194 types of malware also being filtered through Vitalwerks.
Vitalwerks said Microsoft's actions have disrupted service for millions of internet users.
"Vitalwerks and (operational subsidiary) No-IP have a very strict abuse policy. Our abuse team is constantly working to keep the No-IP system domains free of spam and malicious activity," spokeswoman Natalie Goguen said in a statement.
Microsoft has not accused Vitalwerks of involvement in any cybercrime, though it alleges the company failed to take proper steps to prevent its system from being abused.