Chinese cybercrime site cleans up

A Chinese company that ran a web-hosting firm that was a favourite among cybercriminals has agreed to clean up its act.

Hosting firm 3322.org's web domains were seized by Microsoft as it investigated a cybercrime gang.

Microsoft found evidence that 70,000 of the web domains overseen by 3322.org were malicious.

Peng Yong, owner of 3322.org, has now pledged to help Microsoft stem abuse of its web space.

Traffic analysis

Chinese hosting firm 3322.org came to Microsoft's notice during its efforts to track down the fraudsters behind the Nitol botnet.

A botnet is a network of PCs that cybercriminals have taken over using viruses or loopholes in popular programs. Spam, phishing and website attacks are often run through these botnets.

Called Operation b70, Microsoft's investigation found that some PCs were being sold with malicious code already installed on them. The cybercriminals behind Nitol managed this feat by infiltrating insecure supply chains to install the malware.

The creators of Nitol had rented webspace from 3322.org and were using it as a command and control system for their growing collection of infected PCs.

Microsoft's investigation uncovered extensive abuse of 3322.org domains and prompted it to take legal action to seize the domains - many of which were found on US servers.

Since it seized the web domains in mid-September, Microsoft said almost eight million infected machines had tried to contact one or more of the 70,000 malicious domains.

As part of a legal settlement to regain control of 3322.org, founder Peng Yong has given assurances that he will work with Microsoft and China's central computer security agency to limit abuse of the site's domains.

In addition, the 70,000 malicious domains have been mothballed and traffic for them will be routed into what is known as a "sinkhole" so they can be analysed by cybercrime investigators.

Work has also begun to identify the individuals and gangs behind the malicious domains.

BBC © 2014