Latest Kelihos botnet shut down live at RSA Conference 2013

From Botnets.fr

Botnet Kelihos
Date 2013 / 2013-02-26
Editor/Conference Kaspersky lab
Link http://threatpost.com/en_us/blogs/latest-kelihos-botnet-shut-down-live-rsa-conference-2013-022613 (Archive copy)
Author Michael Mimoso
Type Blogpost

Abstract

The third version of the prolific peer-to-peer botnet responsible for volumes of pharmaceutical spam, Bitcoin wallet theft and credential harvesting was shut down before a live audience today at RSA Conference 2013.

With the execution of a few commands that culminated weeks of intelligence gathering and coding, a CrowdStrike researcher was able to sinkhole thousands of bots before a packed session hall. A heat map of the world lit up like a stoplight with red dots representing bots connecting to the sinkhole rather than to their P2P proxies—a real-time illustration of a successful takedown.

Bibtex

 @misc{2013BFR1312,
   editor = {Kaspersky lab},
   author = {Michael Mimoso},
   title = {Latest Kelihos botnet shut down live at RSA Conference 2013},
   date = {26},
   month = Feb,
   year = {2013},
   howpublished = {\url{http://threatpost.com/en_us/blogs/latest-kelihos-botnet-shut-down-live-rsa-conference-2013-022613}},
 }