Kelihos botnet trying to expand by harnessing Russian national sentiments

From Botnets.fr


Botnet: Kelihos
Date: 2014 / 2014-08-22
Editor/Conference: Websense
Link: http://community.websense.com/blogs/securitylabs/archive/2014/08/22/kelihos-botnet-trying-to-expand-by-harnessing-russian-national-sentiments.aspx (community.websense.com, archive copy)
Author: Ran Mosessco, Nick Griffin, Brandon Laux
Type: Blogpost

Abstract

What's different about this case is that instead of appealing to the victims' sense of curiosity, the cyber criminals appeal to patriotic sentiments (see details in analysis below), blatantly saying that they will run malware on the intended targets' computers, but without disclosing the true nature of the malware.

The variants we have analyzed so far in this campaign seem to have the spambot and sniffing functionality; no DDoS behavior has been observed during preliminary analysis. Even so, the damage for a business allowing their infrastructure to run such malware could be significant (blacklisting for example).

Bibtex

 @misc{2014BFR1399,
   editor = {Websense},
   author = {Ran Mosessco and Nick Griffin and Brandon Laux},
   title = {Kelihos botnet trying to expand by harnessing Russian national sentiments},
   date = {22},
   month = Aug,
   year = {2014},
   howpublished = {\url{http://community.websense.com/blogs/securitylabs/archive/2014/08/22/kelihos-botnet-trying-to-expand-by-harnessing-russian-national-sentiments.aspx}},
 }