Report: Kelihos botnet making a comeback - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Advisory Watch: June 14th, 2013

Linux Security Week: June 4th, 2013

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Report: Kelihos botnet making a comeback

User Rating:

How can I rate this item?

Source: H Security - Posted by Alex

Following a joint operation by Microsoft and Kaspersky Lab last September to disrupt Kelihos, the botnet is now said to be making a comeback and using new techniques. According to a report on Securelist, which is run by Kaspersky Lab, new samples of the Kelihos botnet have been discovered that appear to be "very similar to the initial version". However, Kaspersky Lab researcher Maria Garnaeva says that comparing the new version of Kelihos with the original does reveal some changes. These include using a new order of operations for communication with the botnet controllers and using updated encryption keys. Garnaeva notes that, while changing keys is "quite predictable, two different RSA encryption keys are now being used which could possibly mean that two different groups are currently controlling Kelihos.

Read this full article at H Security