Kelihos

Microsoft settles with second Kelihos botnet suspect

Microsoft has settled a lawsuit with a Russian software programmer who admits he wrote the code used for malware that infected 41,000 computers worldwide, according to today's blog post from Richard Domingues Boscovich, an assistant general counsel for Microsoft.

The case centered around the Kelihos botnet, a series of infected computers that Microsoft said was able to send 3.8 billion spam e-mails per day before the company stopped it last September. While programmer Andrey N. Sabelnikov admits to writing the code, he was not the operator of the botnet and was not involved in those activities, according …

110,000 PC-strong Kelihos botnet sidelined

A new version of the Kelihos spamming botnet has been sidelined by researchers who used its own peer-to-peer distribution mechanism to hijack it, they announced today.

The botnet, which was used mostly to distribute spam for Canadian pharmaceutical firms but also stole bitcoin wallets containing virtual currency, was about three times larger than an earlier variant, according to CrowdStrike, the security firm that worked with Kaspersky, Dell SecureWorks, and Honeynet Project to shut down the botnet.

The researchers reverse-engineered the malware code and wrote their own software that rerouted infected computers to communicate with servers controlled by researchers and law enforcement rather …

Kelihos botnet makes a comeback

A once-dead botnet has been resurrected and resumed its spamming ways.

The original Kelihos botnet compromised only about 41,000 computers but was capable of sending 3.8 billion spam e-mails each day promoting unregulated pharmaceuticals, fraudulent stock scams and, in some cases, sites dealing with sexual exploitation of children. Microsoft and Kaspersky Lab took down the malware last September using a "sinkhole" technique that tricked the infected computers into getting their instructions from a computer the companies controlled.

However, while the technique was effective at disabling the botnet quickly, it was merely a temporary fix as many …

Microsoft's Kelihos botnet suspect says he's innocent

The man pegged by Microsoft as the mastermind behind the Kelihos botnet says he's not guilty, according to a report.

The BBC said today that Andrey N. Sabelnikov, a former employee of antivirus company Agnitum, had contacted the news agency to say that he was "surprised and shocked" by Microsoft's claim and would "prove his innocence." The BBC also quoted a blog post by Sabelnikov that said he was "absolutely not guilty":

I was very surprised and shocked to read in the press that I was being accused of a grievous crime …

Microsoft identifies suspected Kelihos botnet author

Four months after taking down the Kelihos botnet, Microsoft today identified the man it believes was behind the massive infection designed to deliver spam and steal data.

In an amended complaint (PDF) filed today with the U.S. District Court for the Eastern District of Virginia, the software giant accused Andrey N. Sabelnikov, a resident of St. Petersburg, Russia, of writing the code for and participating in the creation of the Kelihos malware. The complaint further alleges that Sabelnikov used the malware to control and nurture the Kelihos botnet.

Kelihos comprised about 41,000 infected computers worldwide and was capable …

Microsoft settles suit against alleged botnet hoster

Microsoft said today that a Czech Republic-based provider of free domains has agreed to pull the plug on botnet activities using his subdomains, as part of a settlement of a lawsuit the software giant filed in September to shut down the Kelihos botnet.

The suit, filed in federal court in Virginia, named Dominique Alexander Piatti and his domain company, Dotfree Group SRO, as defendants, alleging that they were involved in hosting the Kelihos botnet. Infected computers in that operation, also known as "Waledac 2.0" after a previous botnet that Microsoft shut down last year, were used to …

Microsoft halts another botnet: Kelihos

Microsoft has put a halt to the Kelihos botnet and is accusing a Czech resident of hosting the botnet and using it to deliver spam and steal data, the company said today.

Kelihos, also known as "Waledac 2.0" after a previous botnet that Microsoft shut down last year, comprised about 41,000 infected computers worldwide and was capable of sending 3.8 billion spam e-mails per day, according to Microsoft.

The complaint filed last week in the U.S. District Court for the Eastern District of Virginia accuses Dominique Alexander Piatti, Dotfree Group SRO and John Does 1-22 of infecting victim computers with malware to create the Kelihos botnet, using it to send unregulated pharmaceutical and other spam, harvest e-mails and passwords, conduct fraudulent stock scams and, in some cases, promote sites dealing with sexual exploitation of children.

Meanwhile, subdomains were allegedly used to infect Mac computers with MacDefender scareware, according to the complaint. Piatti could not immediately be reached for comment. …