Latest Kelihos botnet shut down live at RSA Conference 2013
Revision as of 21:14, 27 August 2014 by Eric.freyssinet (talk | contribs) (Remplacement de texte — « |Editor=Kaspersky lab Lab » par « |Editor=Kaspersky lab »)
(Publication) Google search: [1]
| Latest Kelihos botnet shut down live at RSA Conference 2013 | |
|---|---|
| Botnet | Kelihos |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2013 / 2013-02-26 |
| Editor/Conference | Kaspersky lab |
| Link | http://threatpost.com/en us/blogs/latest-kelihos-botnet-shut-down-live-rsa-conference-2013-022613 threatpost.com (threatpost.com Archive copy) |
| Author | Michael Mimoso |
| Type | Blogpost |
Abstract
“ The third version of the prolific peer-to-peer botnet responsible for volumes of pharmaceutical spam, Bitcoin wallet theft and credential harvesting was shut down before a live audience today at RSA Conference 2013.
With the execution of a few commands that culminated weeks of intelligence gathering and coding, a CrowdStrike researcher was able to sinkhole thousands of bots before a packed session hall. A heat map of the world lit up like a stoplight with red dots representing bots connecting to the sinkhole rather than to their P2P proxies—a real-time illustration of a successful takedown.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2013BFR1312,
editor = {Kaspersky lab},
author = {Michael Mimoso},
title = {Latest Kelihos botnet shut down live at RSA Conference 2013},
date = {26},
month = Feb,
year = {2013},
howpublished = {\url{http://threatpost.com/en_us/blogs/latest-kelihos-botnet-shut-down-live-rsa-conference-2013-022613 threatpost.com}},
}