
New Version of Kelihos Botnet Appears

Submitted by Trailrunner7
Trailrunner7 (1100399) writes "Researchers are tracking a new version of the Kelihos botnet, one that comes complete with better resistance to sinkholing techniques and a feature that enables it to remain dormant on infected machines for long periods to help avoid detection. The botnet also is using an advanced fast-flux capability to hide the domains it uses for command-and-control and malware distribution.

This is the third time the Kelihos botnet has reared its head. In the first two instances, security researchers were able to sinkhole the domains that Kelihos was using, effectively crippling the attackers' ability to communicate with infected machines. The first Kelihos botnet takedown in 2011 was a joint effort between Kaspersky Lab and Microsoft, and the teams were able to reverse-engineer the communications protocol that the bots use. Kelihos, also known as Hlux, is a peer-to-peer botnet, meaning that there is no central server or servers that spit out new commands for the bots."
