Latest Kelihos botnet shut down live at RSA Conference 2013

From Botnets.fr

Botnet: Kelihos
Date: 2013 / 2013-02-26
Editor/Conference: Kaspersky lab
Link: http://threatpost.com/en_us/blogs/latest-kelihos-botnet-shut-down-live-rsa-conference-2013-022613 (Archive copy)
Author: Michael Mimoso
Type: Blogpost

Abstract

The third version of the prolific peer-to-peer botnet responsible for volumes of pharmaceutical spam, Bitcoin wallet theft and credential harvesting was shut down before a live audience today at RSA Conference 2013.

With the execution of a few commands that culminated weeks of intelligence gathering and coding, a CrowdStrike researcher was able to sinkhole thousands of bots before a packed session hall. A heat map of the world lit up like a stoplight with red dots representing bots connecting to the sinkhole rather than to their P2P proxies—a real-time illustration of a successful takedown.

Bibtex

 @misc{Mimoso2013BFR1312,
   editor = {Kaspersky lab},
   author = {Michael Mimoso},
   title = {Latest Kelihos botnet shut down live at RSA Conference 2013},
   date = {26},
   month = Feb,
   year = {2013},
   howpublished = {\url{http://threatpost.com/en_us/blogs/latest-kelihos-botnet-shut-down-live-rsa-conference-2013-022613}},
 }