Difference between revisions of "Latest Kelihos botnet shut down live at RSA Conference 2013"
Jump to navigation
Jump to search
m (Remplacement de texte — « |Editor=Kaspersky lab Lab » par « |Editor=Kaspersky lab ») |
m (Text replacement - " threatpost.com" to "") |
||
| (One intermediate revision by the same user not shown) | |||
| Line 1: | Line 1: | ||
{{Publication | {{Publication | ||
|Type=Blogpost | |Type=Blogpost | ||
|Link=http://threatpost.com/en_us/blogs/latest-kelihos-botnet-shut-down-live-rsa-conference-2013-022613 | |Link=http://threatpost.com/en_us/blogs/latest-kelihos-botnet-shut-down-live-rsa-conference-2013-022613 | ||
|Author=Michael Mimoso | |Author=Michael Mimoso | ||
|NomRevue=Threatpost | |NomRevue=Threatpost | ||
Latest revision as of 22:10, 5 August 2015
(Publication) Google search: [1]
| Latest Kelihos botnet shut down live at RSA Conference 2013 | |
|---|---|
| Botnet | Kelihos |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2013 / 2013-02-26 |
| Editor/Conference | Kaspersky lab |
| Link | http://threatpost.com/en us/blogs/latest-kelihos-botnet-shut-down-live-rsa-conference-2013-022613 (Archive copy) |
| Author | Michael Mimoso |
| Type | Blogpost |
Abstract
“ The third version of the prolific peer-to-peer botnet responsible for volumes of pharmaceutical spam, Bitcoin wallet theft and credential harvesting was shut down before a live audience today at RSA Conference 2013.
With the execution of a few commands that culminated weeks of intelligence gathering and coding, a CrowdStrike researcher was able to sinkhole thousands of bots before a packed session hall. A heat map of the world lit up like a stoplight with red dots representing bots connecting to the sinkhole rather than to their P2P proxies—a real-time illustration of a successful takedown.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2013BFR1312,
editor = {Kaspersky lab},
author = {Michael Mimoso},
title = {Latest Kelihos botnet shut down live at RSA Conference 2013},
date = {26},
month = Feb,
year = {2013},
howpublished = {\url{http://threatpost.com/en_us/blogs/latest-kelihos-botnet-shut-down-live-rsa-conference-2013-022613}},
}