Microsoft Takes Down Kelihos Botnet

   
1:01 pm on Sep 28, 2011 (gmt 0)

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month



Microsoft Takes Down Kelihos Botnet [blogs.technet.com]
Building on the recent successes of the Rustock and Waledac botnet takedowns, I’m pleased to announce that Microsoft has taken down the Kelihos botnet in an operation codenamed “Operation b79” using similar legal and technical measures that resulted in our previous successful botnet takedowns.

Kelihos, also known by some as “Waledac 2.0” given its suspected ties to the first botnet Microsoft took down, is not as massive as the Rustock spambot. However, this takedown represents a significant advance in Microsoft’s fight against botnets nonetheless. This takedown will be the first time Microsoft has named a defendant in one of its civil cases involving a botnet and as of approximately 8:15 a.m. Central Europe time on Sept. 26th, the defendants were personally notified of the action.

1:58 pm on Sep 28, 2011 (gmt 0)

WebmasterWorld Senior Member sgt_kickaxe is a WebmasterWorld Top Contributor of All Time 5+ Year Member



While I love hearing about successful botnet takedowns I'm not about to cheer on the same company who installed bingbar and two dozen other "helper" features on my new office computer before I bought it. I couldn't even install a copy of Mahjong from a DISK I own because it was helped into forcing real arcade to be installed by a "helpful" feature.

The irony of taking down a botnet while having infected my computer with helper features of their own makes me less than cheerful. I suppose it's a step in the right direction, but an affiliate ebay link on the desktop of new operating system installations? Forced online backups? Forced monitoring by a "security company"? Give me a break.

It took me two hours to remove all that "helper" crap, thanks Microsoft.
2:17 pm on Sep 28, 2011 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member



I applaud Microsoft's take-down efforts and successes. I'd also applaud transparency about (or cessation of) their own bot networks...

MSN's many cloaked bots. Again. [webmasterworld.com]
2:18 pm on Sep 28, 2011 (gmt 0)

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Must look in the logs to see if the 200 or more requests per hour for /<randompath>/admin.php, ongoing for the last year or more, have finally stopped. After being served "410 Gone" over 2 million times, they still haven't got the message.
9:34 pm on Sep 30, 2011 (gmt 0)

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



It took me two hours to remove all that "helper" crap, thanks Microsoft.

I'm in a different camp... nobody twisted arms (or sneaked in like a thief) to make you click and install those MS features. They, at least, were up front in what they do. Malware guys (and gals) are a different breed... there's no "offer/acceptance" and therein is the difference.

Kudos MS. Meanwhile raspberries for taking so long to "git 'er done".
7:27 am on Oct 3, 2011 (gmt 0)

10+ Year Member



I too applaud the action and success.

Sgt K, you might be blaming MS for the hardware manufacturer's doings. I've installed a few Win7s without a single piece of crapware rearing its head.