Kelihos Botnet Take Down!
On September 27, Microsoft announced it took down its third botnet this year, Kelihos. Microsoft has previously worked with partners to take down both the Rustock and Waledac botnets, which dramatically reduced spam across the Internet. What's more, Microsoft finally named a defendant in a botnet case, holding Dominique Alexander Piatti responsible for operating the botnet. Microsoft was not alone in this botnet takedown, however; they were greatly aided by the security company Kaspersky. Kaspersky successfully 'sinkholed' the botnet, meaning it's still functional, just completely controlled by them. This is quite difficult to do, as they had to gain control of a peer-to-peer network which acted as a middle layer in distributing commands from control nodes to worker zombie machines. Unfortunately, Kaspersky can't issue a command to patch and dissolve the botnet, as executing remote code on another person's computer would be against the law. Therefore, Kaspersky can only remain in control by sinkholing the botnet. Meanwhile, Microsoft put out a signature for their anti-virus suite, Microsoft Security Essentials, urging people to download it and scrub for the botnet code. This was a major step in battling botnets, as we are finally catching and prosecuting those responsible, although I can't help but feel that the battle isn't over until the botnet has been disassembled.