403 Forbidden


nginx
403 Forbidden

403 Forbidden


nginx
Follow us:
403 Forbidden

403 Forbidden


nginx

Microsoft Pri0

Welcome to Microsoft Pri0: That's Microspeak for top priority, and that's the news and observations you'll find here from Seattle Times technology reporter Matt Day.

September 28, 2011 at 6:20 AM

Microsoft takes down Kelihos botnet

It’s not a James Bond flick, but there is talk of codenames, takedowns, and operations with codenames that result in takedowns.

It’s a Microsoft blog post, of all things, talking about the takedown of the Kelihos botnet.

Botnets are networks of virus-infected computers that can send out spam or viruses.

In this case, “Kelihos infected Internet users’ computers with malicious software which allowed the botnet to surreptitiously control a person’s computer and use it for a variety of illegal activities, including sending out billions of spam messages, harvesting users’ personal information (such as e-mails and passwords), fraudulent stock scams and, in some instances, websites promoting the sexual exploitation of children,” Richard Domingues Boscovich, senior attorney with Microsoft’s Digital Crimes Unit, wrote in the blog post.

The Kelihos botnet infected about 41,000 computers worldwide, according to Microsoft’s investigation to date.

Operation b79, as this takedown operation was codenamed, is the third time in less than two years Microsoft has taken down a botnet. It previously took down the Waledac and Rustock botnets.

As in the previous two instances, Microsoft is taking the people behind the botnet to civil court. For the first time, the company is naming a defendant. The complaint, filed Sept. 22 in the U.S. District Court for the Eastern District of Virginia, accuses Dominique Alexander Piatti, in addition to dotFREE Group SRO (a Czech company), and John Does 1-22 of owning a domain — cz.cc — and using that domain to register other subdomains used to operate and control the Kelihos botnet. The botnet injured Microsoft and its customers, the suit says.

“The Kelihos takedown is intended to send a strong message to those behind botnets that it’s unwise for them to simply try to update their code and rebuild a botnet once we’ve dismantled it,” Boscovich wrote. “When Microsoft takes a botnet down, we intend to keep it down.”

Comments

COMMENTS

No personal attacks or insults, no hate speech, no profanity. Please keep the conversation civil and help us moderate this thread by reporting any abuse. See our Commenting FAQ.



The opinions expressed in reader comments are those of the author only, and do not reflect the opinions of The Seattle Times.


403 Forbidden

403 Forbidden


nginx
403 Forbidden

403 Forbidden


nginx