Microsoft has accidentally taken down potentially millions of dynamic IP users while going after subdomains used by criminals taking advantage of the free No-IP service, run by Vitalwerks Internet Solutions in Nevada. Yesterday (US time) they used a court order to take control of domains belonging to no-IP, which their users map to their temporary dynamic addresses, and stopped them from all from working. According to No-IP themselves, what Microsoft tried to do is redirect the domain names to their own servers and filter off the bad ones, but they failed spectacularly because Microsoft’s servers weren’t up to the job (as per usual) and collapsed under the weight of traffic.
No-IP are decidedly hacked off by Microsoft, pointing out that they have a good reputation when it comes to dealing with abuse and had Microsoft but contacted them about the sub-domains in question they’d have done something about it. Instead, secretly, Microsoft goes and gets a court order and acts without warning.
According to, Richard Boscovich, Assistant General Counsel, Microsoft Digital Crimes Unit, “Despite numerous reports by the security community on No-IP domain abuse, the company has not taken sufficient steps to correct, remedy, prevent or control the abuse or help keep its domains safe from malicious activity”. He’s referring to Cisco here, as far as I know. The security community regularly reports on all anonymous free services, all of which are exploited by criminals. As yet, I’ve heard nothing from Microsoft to actually back his statement up. In another post, Microsoft’s Tom Rains, a marketing manager in the their Trustworthy Computing division, explains that they were after Bladabindi and Jenxcus, both of which use No-IP provided subnets in the C&C. He doesn’t imply any wrongdoing by Vitalwerks, or justify the way Microsoft has treated them.
Quite why Microsoft has any claim to be the world’s cyber-police is hard to see, given that most criminals (based on our research) prefer Microsoft’s free, no-checks, outlook.com email service. Perhaps Microsoft should try getting its own house in order first?
I’m still waiting for any official comment back from Microsoft.