Chinese cybercrime site cleans up

Bank login Cybercriminals try to steal login names and passwords for online banks

Related Stories

A Chinese company that ran a web-hosting firm that was a favourite among cybercriminals has agreed to clean up its act.

Hosting firm's web domains were seized by Microsoft as it investigated a cybercrime gang.

Microsoft found evidence that 70,000 of the web domains overseen by were malicious.

Peng Yong, owner of, has now pledged to help Microsoft stem abuse of its web space.

Traffic analysis

Chinese hosting firm came to Microsoft's notice during its efforts to track down the fraudsters behind the Nitol botnet.

A botnet is a network of PCs that cybercriminals have taken over using viruses or loopholes in popular programs. Spam, phishing and website attacks are often run through these botnets.

Called Operation b70, Microsoft's investigation found that some PCs were being sold with malicious code already installed on them. The cybercriminals behind Nitol managed this feat by infiltrating insecure supply chains to install the malware.

The creators of Nitol had rented webspace from and were using it as a command and control system for their growing collection of infected PCs.

Microsoft's investigation uncovered extensive abuse of domains and promoted it to take legal action to seize the domains - many of which were found on US servers.

Since it seized the web domains in mid-September, Microsoft said almost eight million infected machines had tried to contact one or more of the 70,000 malicious domains.

As part of a legal settlement to regain control of, founder Peng Yong has given assurances that he will work with Microsoft and China's central computer security agency to limit abuse of the site's domains.

In addition, the 70,000 malicious domains have been mothballed and traffic for them will be routed into what is known as a "sinkhole" so they can be analysed by cybercrime investigators.

Work has also begun to identify the individuals and gangs behind the malicious domains.

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories


Features & Analysis

  • Dana Lone HillDana Lone Hill

    The Native American names that break Facebook rules

  • Painting from Rothschild collectionDark arts Watch

    The 50-year fight to recover paintings looted by the Nazis

  • Mukesh SinghNo remorse

    Delhi bus rapist says victim shouldn't have fought back

  • Signposts showing the US and UK flagsAn ocean apart

    How British misunderstanding of the US is growing

BBC Future

(US Navy)

The world’s noisiest spy plane

The Soviet giant that still soldiers on


  • 3D model of Christ the Redeemer statueClick Watch

    Using drones to 3D map the famous Brazilian landmark Christ the Redeemer

Try our new site and tell us what you think. Learn more
Take me there

Copyright © 2015 BBC. The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.