The Latest in IT Security

Posts Tagged ‘sinkhole’

FAQ: Disabling the new Hlux/Kelihos Botnet

28
Mar
2012

Q: What is the Hlux/Kelihos botnet? A: Kelihos is Microsoft’s name for what Kaspersky calls Hlux. Hlux is a peer-to-peer botnet with an architecture similar to the one used for the Waledac botnet. It consists of layers of different kinds of nodes: controllers, routers and workers. Q: What is a peer-to-peer botnet? A: Unlike a […]

Category General Written by Securelist / Blog 0 Comments

Read more ...

Botnet Shutdown Success Story – again: Disabling the new Hlux/Kelihos Botnet

28
Mar
2012

Last September, in partnership with Microsoft’s Digital Crimes Unit (DCU), SurfNET and Kyrus Tech, Inc., Kaspersky Lab successfully disabled the dangerous Hlux/Kelihos botnet by sinkholing the infected machines to a host under our control. A few months later, our researchers stumbled upon a new version of the malware with significant changes in the communication protocol […]

Category General Written by Securelist / Blog 0 Comments

Read more ...

The where and why of HLUX

15
Feb
2012

This is not the first time the HLUX botnet has been mentioned in this blog, but there are still some unanswered questions that we’ve been receiving from the media: What is the botnet’s sphere of activity? What sort of commands does it receive from malicious users? How does the bot spread? How many infected computers […]

Category General Written by Securelist / Blog 0 Comments

Read more ...

« Older Entries
Newer Entries »

Categories

MONDAY, FEBRUARY 24, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments