Microsoft has unmasked a new malware that reportedly operates from a Chinese domain and spreads through freshly-unboxed PCs that were exclusively assembled by a computer manufacturer, also in China.
The Associated Press (AP) reported on Thursday that Microsoft filed a suit against a Chinese businessman named in the Virginia federal court case as Peng Yong, owner of Bitcomm and operator of 3322.org.
The subject domain, according to Microsoft security experts, "is a major hub of illegal Internet activity, used by criminals every minute of every day to pump malware and instructions to the computers of innocent people worldwide."
In an earlier report, a Russian web security firm tagged 3322.org as an active communicator with some 40 per cent of malware trying to find its way into computer systems around the world.
The same domain, the Microsoft suit said, acts as the domain backbone for the new virus called Nitol, which the software giant said is capable of transforming a PC, including a newly-bought unit, into an obedient and efficient machine that takes direct instructions from a network.
This global network purportedly launches orders that can be traced to Mr Peng's 3322.org domain, Microsoft said, with the apparent mission of targeting vulnerable computer systems.
According to AP, Nitol is fully capable of "attacking websites, looting bank accounts and stealing personal data."
In most cases, the malware comes pre-installed on laptops that Microsoft said were being manufactured by a Chinese firm known as Hedy, which is mainly based in the industrial Chinese city of Guangzhou.
Nitol, according to Patrick Stratton, a member of Microsoft's digital crime unit, normally resides on notebook computers that were installed with forged copies of the Windows operating system.
In one case of a laptop that Mr Stratton's team had bought in China, Nitol immediately did its programmed task as soon as the unit came to life.
"As soon as we powered on this particular computer, of its own accord without any instruction from us, it began reaching out across the Internet, attempting to contact a computer unfamiliar to us," Mr Stratton told AP.
He added that the malware is packed by its makers into several forms to elude detection and quickly replicates itself once it detects the presence of a new network, a PC or a portable drive.
Nitol is now believed to have infected computers in Asia, Europe, Russia, the United States and even Australia, according to Microsoft legal counsel Richard Boscovich.
The software giant is spearheading the fight against Nitol and its network because the chief targets of the attacks are computer systems running Windows, Mr Boscovich added.
In an interview with AP, Mr Peng denied that he has direct knowledge of Nitol's operations through a domain that he admitted was his.
"Our policy unequivocally opposes the use of any of our domain names for malicious purposes," the Chinese businessman insisted.
He conceded, however, that "we currently have 2.85 million domain names and cannot exclude that individual users might be using domain names for malicious purposes."