Botnet Shutdown Success Story
Kaspersky Lab Expert Stefan Ortloff has announced a report. He said that last September, in partnership with Microsoft's Digital Crimes Unit (DCU), SurfNET and Kyrus Tech, Inc., Kaspersky Lab successfully disabled the dangerous Hlux/Kelihos botnet by sinkholing the infected machines to a host under our control.
A few months later, our researchers stumbled upon a new version of the malware with significant changes in the communication protocol and new "features" like flash-drive infection, bitcoin-mining wallet theft.
Now, we are pleased to announce that we have partnered with the CrowdStrike Intelligence Team, the Honeynet Project and Dell SecureWorks to disable this new botnet.
Last week, we set up worldwide distributed machines for this sinkholing operation and on Wednesday, March 21, we finally began the synchronized propagation of our sinkhole IP-adress to the peer-to-peer network.
After a short time, our sinkhole-machine increased its "popularity" in the network - which means that big part of the botnet only talks to a box under our control.
For More Details See
www.varindia.com