The Microsoft-Kelihos Tango Continues

Microsoft is going all out on hammering the last nail on Kelihos’s coffin. The takedown that took place 4 months ago is just the beginning.

The software giant filed a complaint on Monday, January 23, against Andrey N. Sabelnikov for “controlling the ‘Kelihos’ botnet using twenty-one (21) Internet domain names … including, in particular, the 3,723 ‘cz.cc’ Internet sub-domains…”. Also according to the said report, Sabelnikov “worked as a software engineer and project manager at a company that provided firewall, antivirus and security software.” You can read more here.

Kelihos—otherwise known as Waledac—is a botnet capable of sending out 3.8 billion spam emails each day. The botnet was also used for other malicious acts while leveraging the “fast flux” hosting method to hide locations of infected machines, including the command and control (C&C) center of the botnet.

Despite the botnet being inactive, Richard Boscovich, Senior Attorney at the Microsoft Digital Crimes Unit, asserts that “thousands of computers are still infected with its malware.” If you think that your system might be one of the millions infected, make sure that you have an antivirus software installed on your system to clean off the infection. If you already do, make sure that the software is updated to its latest security pattern and engine. Most importantly, be wary of certain emails in your inbox that might have escaped your spam catcher. Never open its attachment or click links on its message body.

Jovi Umawing