×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

New Version of Kelihos Botnet Appears

Trailrunner7 (1100399) writes | about a year ago

Botnet 0

Trailrunner7 (1100399) writes "Researchers are tracking a new version of the Kelihos botnet, one that comes complete with better resistance to sinkholing techniques and a feature that enables it to remain dormant on infected machines for long periods to help avoid detection. The botnet also is using an advanced fast-flux capability to hide the domains it uses for command-and-control and malware distribution.

This is the third time the Kelihos botnet has reared its head. The first two instances, security researchers were able to sinkhole the domains that Kelihos was using, effectively crippling the attackers' ability to communicate with infected machines. The first Kelihos botnet takedown in 2011 was a joint effort between Kaspersky Lab and Microsoft and the teams were able to reverse-engineer the communications protocol that the bots use. Kelihos, also known as Hlux, is a peer-to-peer botnet, meaning that there is no central server or servers that spit out new commands for the bots."

Link to Original Source

0 comment

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...