Microsoft brings Kelihos botnet to a halt
Microsoft's Digital Crimes Unit (DCU) says that it has successfully "taken down the Kelihos botnet". In a post on the Official Microsoft Blog, the company says that Kelihos, sometimes also referred to as "Waledac 2.0", was neutralised – in an operation code-named "Operation b79" – using the same techniques it used against the Waledac and Rustock botnets.
Microsoft DCU Senior Attorney Richard Domingues Boscovich says that the Kelihos takedown is "the first time Microsoft has named a defendant in one of its civil cases involving a botnet", adding that the company intends "to send a strong message to those behind botnets that it’s unwise for them to simply try to update their code and rebuild a botnet once we’ve dismantled it". The company's complaint specifically alleges that Dominique Alexander Piatti, along with dotFREE Group SRO and twenty two "John Does", owned and used cz.cc domains to operate and control the botnet.
While the botnet is not as large as Rustock, Boscovich says that approximately 41,000 systems around the world are infected with Kelihos and that it is capable of sending upwards of 3.8 billion spam email messages per day. As such, he does not expect its disruption "to have the breadth of impact on the Internet that our prior takedowns did", adding that they acted "before the botnet had an opportunity to grow further and because we believe accountability is important".
See also:
- Microsoft offers $250,000 for information on Rustock botnet, a report from The H.
(crve)