Microsoft claims Kelihos in latest botnet takedown

Microsoft claims to have shut down a malware botnet billed as the successor to the infamous Waledac.

The company said that it has dismantled the Kelihos botnet and filed a civil complaint against a man in the Czech Republic accused of running the operation.

Kelihos is believed to be connected to Waledac, which Microsoft helped to take down in 2010. Researchers have since noted several key similarities in the behaviour of both botnets.

"The Kelihos takedown is intended to send a strong message to those behind botnets that it is unwise to simply try to update their code and rebuild a botnet once we've dismantled it," said Richard Domingues Boscovich, Microsoft's digital crimes unit senior attorney, in a company blog posting.

"When Microsoft takes a botnet down, we intend to keep it down, and we will continue to take action to protect our customers and platforms and hold botnet herders accountable for their actions."

Microsoft has also filed suit against Dominique Alexander Piatti of the Czech Republic, alleging that his company, dotFREE Group SRO, offered hosting services to the botnet operators.

Microsoft believes Piatti's company also offered domains for use by the MacDefender rogue security operation.

Authorities have used ISP and hosting service takedowns in recent years as a way of cutting off malware and botnet networks including Zeus.