Microsoft wins permanent settlement against Nitol botnet

02.10.2012
Microsoft has won a battle to permanently disrupt a haven for the Nitol botnet that it discovered within an Internet domain controlled by a Chinese ISP.

The company has signed a private settlement under which Peng Yong and Changzhou Bei Te Kang Mu Software Technology Co., Ltd., will block all connections to designated malicious subdomains of the 3322.org domain, which Peng and Bei Te Kang Mu Software control.

Microsoft has identified those subdomains as hosting command and control servers for the Nitol botnet, which enlists infected machines into botnets that can execute distributed denial-of-service (DDoS) attacks and can also download malicious code so that the machines perform whatever commands the bot commander directs.

Traffic to those 3322.org subdomains will be directed to sinkholes run in cooperation with either Microsoft or the China CERT (CN-CERT), according to the agreement, and log information about the computers trying to connect to the subdomains will be shared with CN-CERT. The designated subdomains will be de-registered as well, the agreement states.