It’s not a James Bond flick, but there is talk of codenames, takedowns, and operations with codenames that result in takedowns.
It’s a Microsoft blog post, of all things, talking about the takedown of the Kelihos botnet.
Botnets are networks of virus-infected computers that can send out spam or viruses.
In this case, “Kelihos infected Internet users’ computers with malicious software which allowed the botnet to surreptitiously control a person’s computer and use it for a variety of illegal activities, including sending out billions of spam messages, harvesting users’ personal information (such as e-mails and passwords), fraudulent stock scams and, in some instances, websites promoting the sexual exploitation of children,” Richard Domingues Boscovich, senior attorney with Microsoft’s Digital Crimes Unit, wrote in the blog post.
The Kelihos botnet infected about 41,000 computers worldwide, according to Microsoft’s investigation to date.
As in the previous two instances, Microsoft is taking the people behind the botnet to civil court. For the first time, the company is naming a defendant. The complaint, filed Sept. 22 in the U.S. District Court for the Eastern District of Virginia, accuses Dominique Alexander Piatti, in addition to dotFREE Group SRO (a Czech company), and John Does 1-22 of owning a domain — cz.cc — and using that domain to register other subdomains used to operate and control the Kelihos botnet. The botnet injured Microsoft and its customers, the suit says.
“The Kelihos takedown is intended to send a strong message to those behind botnets that it’s unwise for them to simply try to update their code and rebuild a botnet once we’ve dismantled it,” Boscovich wrote. “When Microsoft takes a botnet down, we intend to keep it down.”