Kelihos

From Botnets.fr
Jump to navigation Jump to search

(Botnet) Link to the old Wiki page : [1] / Google search: [2]

Kelihos
Alias
Group Spamming
Parent
Sibling
Family
Relations Variants:

Sibling of:
Parent of:
Distribution of:
Campaigns:

Target Microsoft Windows
Origin
Distribution vector
UserAgent
CCProtocol P2P (Decentralized)
Activity /
Status
Language
Programming language
Operation/Working group Operation b79

Introduction

First attempt to shut down this botnet was done by closing the cz.cc domain.

Kelihos-Infection.png

Features

CVE: CVE-2010-2568

Associated images

Checksums / AV databases

Publications

 AuthorEditorYear
A quick update on spambot KelihosAbuse.ch2012
An encounter with trojan NapAli Islam
Abhishek Singh
FireEye2013
An overview of messaging botnetsFrançois PagetMcAfee2013
Battling the Rustock threatMarc Lauricella
Holly Stewart
T.J. Campana
David Anselmi
Richard Boscovich
Samantha Doerr
Oleg Petrovsky
Tareq Saade
Microsoft2011
Botnet shutdown success story - again: disabling the new Hlux/Kelihos botnetStefan OrtloffKaspersky lab2012
Botnet shutdown success story: how Kaspersky Lab disabled the Hlux/Kelihos botnetTillmann WernerKaspersky lab2011
FAQ on Kelihos.B/Hlux.B sinkholingDavid DittrichThe Honeynet Project2012
Kelihos back in town using Fast FluxAbuse.ch2012
Kelihos botnet appears again with new variantJay PfoutzSecure Connexion2013
Kelihos botnet trying to expand by harnessing Russian national sentimentsRan Mosessco
Nick Griffin
Brandon Laux
Websense2014
Kelihos is dead. Long live KelihosGunter OllmannDamballa2012
Kelihos is dead… No wait… Long live Kelihos! Again!Phil HayTrustwave2013
Kelihos/Hlux botnet returns with new techniquesMaria GarnaevaKaspersky lab2012
Kelihos: not alien resurrection, more attack of the clonesDavid HarleyESET2012
Latest Kelihos botnet shut down live at RSA Conference 2013Michael MimosoKaspersky lab2013
Long life to Kelihos!Gianluca GiulianiWebsense2012
Microsoft neutralizes Kelihos botnet, names defendant in caseRichard Domingues BoscovichMicrosoft2011
P2P botnet Kelihos.B with 100.000 nodes sinkholedTillmann Werner2012
The where and why of HluxSergey GolovanovKaspersky lab2012
Trojan Nap aka Kelihos/Hlux - Feb. 2013 status updateMila ParkourDeepEnd Research2013
ZeuSbot/Spyeye P2P updated, fortifying the botnetAndrea LelliSymantec2012

Liens externes