Latest Kelihos botnet shut down live at RSA Conference 2013
Jump to navigation
Jump to search
(Publication) Google search: [1]
Latest Kelihos botnet shut down live at RSA Conference 2013 | |
---|---|
Botnet | Kelihos |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2013 / 2013-02-26 |
Editor/Conference | Kaspersky lab |
Link | http://threatpost.com/en us/blogs/latest-kelihos-botnet-shut-down-live-rsa-conference-2013-022613 (Archive copy) |
Author | Michael Mimoso |
Type | Blogpost |
Abstract
“ The third version of the prolific peer-to-peer botnet responsible for volumes of pharmaceutical spam, Bitcoin wallet theft and credential harvesting was shut down before a live audience today at RSA Conference 2013.
With the execution of a few commands that culminated weeks of intelligence gathering and coding, a CrowdStrike researcher was able to sinkhole thousands of bots before a packed session hall. A heat map of the world lit up like a stoplight with red dots representing bots connecting to the sinkhole rather than to their P2P proxies—a real-time illustration of a successful takedown.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2013BFR1312, editor = {Kaspersky lab}, author = {Michael Mimoso}, title = {Latest Kelihos botnet shut down live at RSA Conference 2013}, date = {26}, month = Feb, year = {2013}, howpublished = {\url{http://threatpost.com/en_us/blogs/latest-kelihos-botnet-shut-down-live-rsa-conference-2013-022613}}, }