In association with heise online

28 September 2011, 15:46

Microsoft brings Kelihos botnet to a halt

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Microsoft DCU Logo Microsoft's Digital Crimes Unit (DCU) says that it has successfully "taken down the Kelihos botnet". In a post on the Official Microsoft Blog, the company says that Kelihos, sometimes also referred to as "Waledac 2.0", was neutralised – in an operation code-named "Operation b79" – using the same techniques it used against the Waledac and Rustock botnets.

Microsoft DCU Senior Attorney Richard Domingues Boscovich says that the Kelihos takedown is "the first time Microsoft has named a defendant in one of its civil cases involving a botnet", adding that the company intends "to send a strong message to those behind botnets that it’s unwise for them to simply try to update their code and rebuild a botnet once we’ve dismantled it". The company's complaint specifically alleges that Dominique Alexander Piatti, along with dotFREE Group SRO and twenty two "John Does", owned and used domains to operate and control the botnet.

While the botnet is not as large as Rustock, Boscovich says that approximately 41,000 systems around the world are infected with Kelihos and that it is capable of sending upwards of 3.8 billion spam email messages per day. As such, he does not expect its disruption "to have the breadth of impact on the Internet that our prior takedowns did", adding that they acted "before the botnet had an opportunity to grow further and because we believe accountability is important".

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit