Kelihos botnet trying to expand by harnessing Russian national sentiments

From Botnets.fr
Revision as of 21:30, 31 July 2015 by Eric.freyssinet (talk | contribs) (Text replacement - "Campaign1=" to "Campaign=")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

(Publication) Google search: [1]

Kelihos botnet trying to expand by harnessing Russian national sentiments
Botnet Kelihos
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2014 / 2014-08-22
Editor/Conference Websense
Link http://community.websense.com/blogs/securitylabs/archive/2014/08/22/kelihos-botnet-trying-to-expand-by-harnessing-russian-national-sentiments.aspx community.websense.com (community.websense.com Archive copy)
Author Ran Mosessco, Nick Griffin, Brandon Laux
Type Blogpost

Abstract

What's different about this case is that instead of appealing to the victims' sense of curiosity, the cyber criminals appeal to patriotic sentiments (see details in analysis below), blatantly saying that they will run malware on the intended targets' computers, but without disclosing the true nature of the malware.

The variants we have analyzed so far in this campaign seem to have the spambot and sniffing functionality; no DDoS behavior has been observed during preliminary analysis. Even so, the damage for a business allowing their infrastructure to run such malware could be significant (blacklisting for example).

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2014BFR1399,
   editor = {Websense},
   author = {Ran Mosessco, Nick Griffin, Brandon Laux},
   title = {Kelihos botnet trying to expand by harnessing Russian national sentiments},
   date = {22},
   month = Aug,
   year = {2014},
   howpublished = {\url{http://community.websense.com/blogs/securitylabs/archive/2014/08/22/kelihos-botnet-trying-to-expand-by-harnessing-russian-national-sentiments.aspx community.websense.com}},
 }