Microsoft gets Assurance of Kelihos’ Shutdown
Microsoft has settled with a Czechoslovakia-based firm that is believed to have supported the Kelihos botnet. It recently announced that the firm, which offered domains for free, had agreed to tackle the botnet's activities, which relied on the firm's subdomains. The software giant, which filed a lawsuit and thereby arrived at a settlement during September 2011, has been assured that Kelihos would be shut down.
Microsoft is therefore working to withdraw the lawsuit, following the firm's agreement to either suspend or hand over all hosts used to carry out illicit activities. dotFREE also agreed to work jointly with Microsoft on domain exploitation problems.
In the lawsuit, Microsoft charged Dominique Alexander Piatti of dotFREE Group SRO, as well as John Does "1 through 22", with using the Internet domains and Internet Protocol addresses that were allegedly behind Kelihos' command-and-control infrastructure.
Microsoft says that Kelihos is understood to be an effort to rebuild the Waledac botnet. The Redmond software company also said that the case was noteworthy because, for the first time, it was able to name defendants in botnet-related court proceedings: dotFREE Group SRO and its owner Dominique Alexander Piatti, who supplied free second-level domain (SLD) registration services within the .cz.cc domain space.
And, as Piatti indicated, there had been instances when the cz.cc domain name was found to be involved in malicious activities, including hosting facilities that supported MacDefender, a phony anti-virus application that caused immense problems for consumers over many weeks this past spring.
Senior Attorney Richard Boscovich for the digital-crimes section of dotFREE suggested that Microsoft would attempt to find the computers infected with the Kelihos Trojan.
According to him, bringing the subdomains under control would make it possible to study Kelihos in more detail and thereby help identify the distinct IP addresses infected with the Kelihos Trojan. TECH60 reported this on October 28, 2011.
A number of security specialists believe that Kelihos is connected with Waledac because the code of the two trojans is the same, and that Kelihos has probably been used to build a botnet of compromised computers ever since Waledac's takedown in 2010.
» SPAMfighter News - 10-11-2011