amuck-landowner

Several No-IP domains seized by Microsoft via court order

howardsl2

New Member
Quoting Dynamoo's Blog:

The nameservers for the following dynamic DNS domains belonging to no-ip.com may have been seized by Microsoft as the namesevers are pointing to NS7.MICROSOFTINTERNETSAFETY.NET and NS8.MICROSOFTINTERNETSAFETY.NET

This seems to have had the effect of taking down any sites using these dynamic DNS services. This will probably impact a lot of things like webcams, home security systems, personal VPNs any anything else that uses these domains.
 


3utilities.com
bounceme.net
hopto.org
myftp.biz
myftp.org
myvnc.com
no-ip.biz
no-ip.info
noip.me
no-ip.org
redirectme.net
servebeer.com
serveblog.net
servecounterstrike.com
serveftp.com
servegame.com
servehalflife.com
servehttp.com
servemp3.com
servepics.com
servequake.com
sytes.net
zapto.org
References:     

https://news.ycombinator.com/item?id=7967452     
http://blogs.technet.com/b/microsoft_blog/archive/2014/06/30/microsoft-takes-on-global-cybercrime-epidemic-in-tenth-malware-disruption.aspx    

http://blog.dynamoo.com/2014/06/several-no-ipcom-domains-apparently.html   
 
Last edited by a moderator:

drmike

100% Tier-1 Gogent
Sorry no time :)

http://blogs.technet.com/b/microsoft_blog/archive/2014/06/30/microsoft-takes-on-global-cybercrime-epidemic-in-tenth-malware-disruption.aspx

That has summary of situation...

We’re taking No-IP to task as the owner of infrastructure frequently exploited by cybercriminals to infect innocent victims with the Bladabindi (NJrat) and Jenxcus (NJw0rm) family of malware. In the past, we’ve predominately seen botnets originating in Eastern Europe; however, the authors, owners and distributors of this malware are Kuwaiti and Algerian nationals. The social media-savvy cybercriminals have promoted their wares across the Internet, offering step-by-step instructions to completely control millions of unsuspecting victims’ computers to conduct illicit crimes—demonstrating that cybercrime is indeed a global epidemic.
 

willie

Active Member
Wonder how this sort of thing will play if (hah) DNSSEC gets widely deployed.  I had the impression (maybe wrong, I wasn't paying attention) that no-ip was a legitimate service being misused, as opposed to a scam front.  So I'm not keen on tons of their users having their DNS traffic intercepted by Microsoft.
 

splitice

Just a little bit crazy...
Verified Provider
This is probably going to hurt Microsoft badly.

Alot of small - medium sized businesses purchase access to services like these to provide a dns alias to customers services (often coupled with router support). e.g router1-customer.no-ip.com

I know of two such companies who use dyndns for this use case.
 

switsys

Active Member
The latest message from No-IP:

     

"We would like to give you an update and announce that ALL of the 23 domains that were seized by Microsoft on June 30 are now back in our control.
Please realize that it may take up to 24 hours for the DNS to fully propagate, but everything should be fully functioning within the next day.
One of the domains, noip.me, took longer to get back online, but it should be fully restored within the next day.

Is your service back up?
Please send us a tweet and let us know.

https://twitter.com/noipcom/

We are so sorry for the inconvenience that this takedown has caused our customers.
Thank you so much for the support and for sticking with us through this entire process this week.
More information surrounding the event will be released within the next few days, so stay tuned.

Again, THANK YOU."
 
Top
amuck-landowner