Wednesday, September 28, 2011

Microsoft Takes Down Yet ANOTHER Botnet, Kelihos!

While the world may still have been celebrating Microsoft’s victory in their civil case against the masters of the notorious Rustock botnet, Microsoft was already in the process of knocking yet another botnet – Kelihos – offline.

Although the Kelihos botnet was far smaller than Rustock, having lassoed in 41,000 computers worldwide versus Rustock’s 1.6+ million, it was still a nuisance, pumping out 3.8 billion spam emails per day.

Spam messages sent out by the Kelihos botnet advertised everything from unapproved generic prescription drugs to fraudulent stock scams, all the way to child pornography websites. Like any other spam message, the ultimate goal was to steal sensitive user data & recruit new computers into the botnet’s army of zombie PCs.

In order to sever the tie between the infected PCs and the Kelihos botnet operators, Microsoft asked the U.S. District Court in Richmond to order that the 21 domains linked to the command & control servers be shut down.

In the complaint, Microsoft also named the defendant & alleged controller of the Kelihos botnet as Dominique Alexander Piatti. Piatti’s company, dotFREE Group SRO, was also listed, along with 22 anonymous co-defendants that owned domains & subdomains that were used to control the botnet.

Microsoft says they’re working with Internet Service Providers (ISPs) & Community Emergency Response Teams (CERTs), in addition to releasing updates for their Malicious Software Removal Tool, in order to clean up the aftermath of the Kelihos botnet. If you fear your PC has been infected, Microsoft offers a collection of free tools and helpful information to help remove malware & regain control of your PC.

For more information related to the takedown of the Kelihos botnet, check out this post on Microsoft’s Official blog.

Photo Credit: buggolo
