Microsoft Takes Down Kelihos Botnet

     
1:01 pm on Sep 28, 2011 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:22303
votes: 238


Microsoft Takes Down Kelihos Botnet [blogs.technet.com]
Building on the recent successes of the Rustock and Waledac botnet takedowns, I’m pleased to announce that Microsoft has taken down the Kelihos botnet in an operation codenamed “Operation b79” using similar legal and technical measures that resulted in our previous successful botnet takedowns.

Kelihos, also known by some as “Waledac 2.0” given its suspected ties to the first botnet Microsoft took down, is not as massive as the Rustock spambot. However, this takedown represents a significant advance in Microsoft’s fight against botnets nonetheless. This takedown will be the first time Microsoft has named a defendant in one of its civil cases involving a botnet and as of approximately 8:15 a.m. Central Europe time on Sept. 26th, the defendants were personally notified of the action.

1:58 pm on Sept 28, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member sgt_kickaxe is a WebmasterWorld Top Contributor of All Time 5+ Year Member

joined:Apr 14, 2010
posts:3169
votes: 0


While I love hearing about successful botnet takedowns, I'm not about to cheer on the same company who installed bingbar and two dozen other "helper" features on my new office computer before I bought it. I couldn't even install a copy of Mahjong from a DISK I own because it was helped into forcing real arcade to be installed by a "helpful" feature.

The irony of taking down a botnet while having infected my computer with helper features of their own makes me less than cheerful. I suppose it's a step in the right direction, but an affiliate ebay link on the desktop of new operating system installations? Forced online backups? Forced monitoring by a "security company"? Give me a break.

It took me two hours to remove all that "helper" crap, thanks Microsoft.

2:17 pm on Sept 28, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Nov 5, 2005
posts: 2038
votes: 1


I applaud Microsoft's take-down efforts and successes. I'd also applaud transparency about (or cessation of) their own bot networks...

MSN's many cloaked bots. Again. [webmasterworld.com]

2:18 pm on Sept 28, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:July 3, 2002
posts:18903
votes: 0


Must look in the logs to see if the 200 or more requests per hour for /<randompath>/admin.php, ongoing for the last year or more, have finally stopped. After being served "410 Gone" over 2 million times, they still haven't got the message.

9:34 pm on Sept 30, 2011 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:6148
votes: 281


It took me two hours to remove all that "helper" crap, thanks Microsoft.

I'm in a different camp... nobody twisted arms (or sneaked in like a thief) to make you click and install those MS features. They, at least, were up front in what they do. Malware guys (and gals) are a different breed... there's no "offer/acceptance" and therein is the difference.

Kudos MS. Meanwhile raspberries for taking so long to "git 'er done".

7:27 am on Oct 3, 2011 (gmt 0)

Junior Member

10+ Year Member

joined:Feb 5, 2003
posts:61
votes: 3


I too applaud the action and success.

Sgt K, you might be blaming MS for the hardware manufacturer's doings. I've installed a few Win7s without a single piece of crapware rearing its head.