No-IP has released an official statement in regards to the service outages that their customers saw on their domains early yesterday. Despite many people believing that it was a technical issue with their servers, it turns out that Microsoft served a federal court order and took control of 22 commonly used domains because they believed that some of the No-IP subdomains had been abused by “creators of malware.”
No-IP lost control of around 23 of their domains, with Microsoft redirecting traffic in hopes to stop the spread of the Bladabindi (NJrat) and Jenxcus (NJw0rm) malware.
No-IP stated that after getting into contact with Microsoft, the company said that their “intent is to only filter out the known bad hostnames in each seized domain, while continuing to allow the good hostnames to resolve.” No-IP says, however, that this hasn’t been the case, saying that Microsoft’s servers haven’t been able to handle all of the queries that customers have been sending in, resulting in millions of users being unable to access their services.
The company said that if Microsoft had been in contact with them before the takeover took place, they would have taken swift action to remove the offending sub-domains. Instead they decided to be “heavy-handed” and went ahead and stopped access for millions of innocent users.