Microsoft botnet hunters strike again, take alleged botnet domain hoster to court

Posted in: Legal & Security at 28/09/2011 19:16

Fresh off the success of decapitating the Rustock botnet, Microsoft today announced the takedown of another botnet known as Kelihos, which controlled 41,000 computers worldwide and was capable of sending 3.8 billion spam e-mails per day. While not as massive as Rustock, Microsoft said the operation is noteworthy because it marks the first time Microsoft has produced a named defendant in a botnet civil case. Microsoft is also updating its Malicious Software Removal Tool to clean up malware distributed by the botnet.

"Kelihos infected Internet users' computers with malicious software which allowed the botnet to surreptitiously control a person's computer and use it for a variety of illegal activities, including sending out billions of spam messages, harvesting users' personal information (such as e-mails and passwords), fraudulent stock scams and, in some instances, websites promoting the sexual exploitation of children," Microsoft Digital Crimes Unit senior attorney Richard Domingues Boscovich writes. "Similar to Rustock, some of the spam messages also promoted potentially dangerous counterfeit or unapproved generic pharmaceuticals from unlicensed and unregulated online drug sellers. Kelihos also abused Microsoft's Hotmail accounts and [the] Windows operating system to carry out these illegal activities."

Also see:

Striking a domain provider, Microsoft kills off a botnet [IDG]
Microsoft has opened a front in its ongoing battle against Internet scammers, using the power of a U.S. court to deal a knockout blow to an emerging botnet and taking offline a provider of free Internet domains.

Microsoft used the same technique that worked in its earlier takedowns of the Rustock and Waledac botnets, asking a U.S. court to order Verisign to shut down 21 Internet domains associated with the command-and-control servers that form the brains of the Kelihos botnet.
