V3.co.uk
  • Security

Stricken Kelihos botnet rises from the dead

Botnet emerges to restart its campaign to compromise PCs

  • Gareth Morgan
  • 09 March 2012

The Kelihos botnet that Microsoft claimed to have taken down last year has re-emerged with a bag of new tricks aimed at rebuilding itself and infecting computers, according to security researchers.

They have warned that the resurgent Kelihos botnet is being used to steal credentials, install malware and distribute millions of German stock-related spam messages.

According to Swiss researchers at the Abuse.ch blog, the new version of Kelihos is using a .eu domain in combination with so-called fast flux techniques.

Fast flux is a DNS technique used by botnet operators to mask malware-hosting websites behind a constantly changing network of compromised machines, which act as proxies.
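From the defender's side, that constant rotation is visible in passive DNS data. The following added example (not from the original article or from Abuse.ch) scores repeated resolutions of a name for short TTLs, a large spread of addresses and high answer churn; the sample records, the thresholds and the use of /24 prefixes in place of an ASN lookup are all assumptions.

```python
from collections import defaultdict

# Constructed passive-DNS samples: (unix_time, name, ttl_seconds, A records).
# Names use the reserved .example TLD; addresses are RFC 5737 documentation ranges.
OBSERVATIONS = [
    (0,    "flux.example",   300,   ["192.0.2.10", "198.51.100.7", "203.0.113.5"]),
    (600,  "flux.example",   300,   ["192.0.2.44", "198.51.100.91", "203.0.113.60"]),
    (1200, "flux.example",   300,   ["192.0.2.130", "198.51.100.7", "203.0.113.201"]),
    (0,    "stable.example", 86400, ["192.0.2.1", "192.0.2.2"]),
    (600,  "stable.example", 86400, ["192.0.2.1", "192.0.2.2"]),
    (1200, "stable.example", 86400, ["192.0.2.2", "192.0.2.1"]),
]

# Assumed thresholds for illustration; tune them against your own resolver logs.
MAX_TTL, MIN_DISTINCT_IPS, MIN_NETWORKS, MIN_CHURN = 600, 6, 3, 0.5

def flux_features(observations):
    """Summarise, per name, how much its answer set moves between resolutions."""
    by_name = defaultdict(list)
    for ts, name, ttl, ips in observations:
        by_name[name].append((ts, ttl, set(ips)))
    features = {}
    for name, rows in by_name.items():
        rows.sort(key=lambda r: r[0])
        answers = [r[2] for r in rows]
        all_ips = set().union(*answers)
        # Churn: mean share of each answer that was absent from the previous one.
        churn = [len(cur - prev) / len(cur)
                 for prev, cur in zip(answers, answers[1:]) if cur]
        features[name] = {
            "min_ttl": min(r[1] for r in rows),
            "distinct_ips": len(all_ips),
            # /24 prefix is a crude stand-in for an ASN lookup (assumption).
            "networks": len({ip.rsplit(".", 1)[0] for ip in all_ips}),
            "churn": sum(churn) / len(churn) if churn else 0.0,
        }
    return features

def fast_flux_candidates(observations):
    """Return names whose answers are short-lived, widely spread and rotating."""
    return sorted(
        name for name, f in flux_features(observations).items()
        if f["min_ttl"] <= MAX_TTL and f["distinct_ips"] >= MIN_DISTINCT_IPS
        and f["networks"] >= MIN_NETWORKS and f["churn"] >= MIN_CHURN
    )

if __name__ == "__main__":
    print(fast_flux_candidates(OBSERVATIONS))
```

Content delivery networks also use short TTLs and rotating answers, so a hit from a heuristic like this is a triage signal to investigate, not a verdict.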

Previously Kelihos had used domains associated with the Czech Republic.

Security firm GFI has also warned that a new variant of Kelihos is on the loose, with those behind it seemingly intent on rebuilding the botnet.

“Despite the best efforts of Microsoft and a number of security specialists, the Kelihos Botnet has continued to gain momentum in the wild,” GFI warned.

Microsoft said it had shut down the Kelihos botnet last September.

At the time, it said: “When Microsoft takes a botnet down, we intend to keep it down.”

One of the people that Microsoft had accused of running Kelihos has strenuously denied involvement.

He recently told Gazeta.ru that despite having worked for an anti-virus firm, he did not have the technical expertise to develop a botnet.

“I specialise in interior design, architecture software systems,” he said, according to a Google translation of the interview.

Security firm Kaspersky Labs, which worked with Microsoft on the initial Kelihos takedown, reported seeing new variants of the botnet as early as January 2012.

V3 contacted Microsoft and Kaspersky for comment on the revelations but had received no reply at the time of publication.
