
Submission + - New Version of Kelihos Botnet Appears

Trailrunner7 writes: Researchers are tracking a new version of the Kelihos botnet, one that comes complete with better resistance to sinkholing techniques and a feature that enables it to remain dormant on infected machines for long periods to help avoid detection. The botnet also is using an advanced fast-flux capability to hide the domains it uses for command-and-control and malware distribution.

This is the third time the Kelihos botnet has reared its head. In the first two instances, security researchers were able to sinkhole the domains that Kelihos was using, effectively crippling the attackers' ability to communicate with infected machines. The first Kelihos botnet takedown in 2011 was a joint effort between Kaspersky Lab and Microsoft, and the teams were able to reverse-engineer the communications protocol that the bots use. Kelihos, also known as Hlux, is a peer-to-peer botnet, meaning that there is no central server or servers that spit out new commands for the bots.
