Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Microsoft killed Kelihos botnet

Published: 2011-09-27
Last Updated: 2011-09-27 23:35:31 UTC
by Jason Lam (Version: 1)
1 comment(s)

Great news for Internet security. Microsoft has effectively killed off the Kelihos botnet which has about 42-45K nodes. The signature to remove the botnet agent from infected machine is added to the Malicious Software Removal Tool which will be rolled out to users taking automatic updates. Microsoft also took a proactive approach on the legal front, filing for court order to get Verisign (the domain registrar for the malicious domains) to take down the malicious domains related to the botnet operations.

Great to see the Digital Crimes Unit at Microsoft being so proactive about shutting down malware. 

More info on this,

http://blogs.technet.com/b/mmpc/archive/2011/09/26/operation-b79-kelihos-and-additional-msrt-september-release.aspx
http://www.computerworld.com/s/article/9220321/Striking_a_domain_provider_Microsoft_kills_off_a_botnet?taxonomyId=82&pageNumber=1

Keywords:
1 comment(s)
Diary Archives