Microsoft Neutralizes Kelihos Botnet

HardOCP News · Sep 27, 2011

According to the Official Microsoft Blog, the software giant has put the smack down on the Kelihos botnet. Microsoft, using the codename "Operation b79," employed the same tactics it used when it took down the Rustock and Waledac botnets.

In the complaint, Microsoft alleges that Dominique Alexander Piatti, dotFREE Group SRO and John Does 1-22 of owning a domain cz.cc and using cz.cc to register other subdomains such as lewgdooi.cz.cc used to operate and control the Kelihos botnet. Our investigation showed that while some of the defendant’s subdomains may be legitimate, many were being used for questionable purposes with links to a variety of disreputable online activities.

djoye · Sep 27, 2011

Did cz.cc get wiped or something? I can't go there.

They finally blocked http://*.++++++ at work which probably explains why we haven't seen WIN7 AV lately.

djoye · Sep 27, 2011

LOL, nice filtering there; if you just leave this address here for 24 hours I won't do anything else!

It's *.co .cc that they finally blocked. Free redirection sites sounds like a good list to compile for filters.

likeman · Sep 28, 2011

short url sites should be blocked as you do not know what your hitting until you open it (there are tiny url showers adon s for browsers)

Microsoft Neutralizes Kelihos Botnet

HardOCP News

[H] News

djoye

2[H]4U

djoye

2[H]4U

likeman

Gawd