Monday, October 17, 2011

Kaspersky & Microsoft Botnet Hlux Liga preview





JAKARTA - Kaspersky Lab, Microsoft and Kyrus Tech have cooperated in shutting down the Kelihos botnet, which Kaspersky Lab detects under the name Hlux.



Kelihos was used to send billions of spam messages, steal personal data, conduct DDoS attacks and commit many other crimes, using roughly 40 thousand computers.



Microsoft has also taken legal action in civil cases against 24 persons associated with the infrastructure behind the botnet, which allows the closure of the domain used for the botnet's command and control.



Kaspersky Lab was instrumental in the closure of the botnet, which it has tracked since the beginning of 2011, when it began to work closely with Microsoft to handle Kelihos, including sharing its live botnet tracking system with U.S. companies.



"Kaspersky Lab plays an important role in this operation by providing us with unique insight, in-depth technical analysis and an understanding of the Kelihos botnet," said Richard Boscovich, senior attorney with the Microsoft Digital Crimes Unit, as reported in an official statement on Sunday (16/10/2011).



The Kelihos botnet is peer-to-peer. It consists of layers of different types of nodes: controllers, routers and workers. The controllers are machines assumed to be operated by the group behind the botnet.



They distribute commands to the bots and monitor the dynamic structure of the peer-to-peer network. The routers are infected machines with public IP addresses.



They run the bot to send spam, collect email addresses and capture user information from network traffic.
