Currently, neither Microsoft nor Kaspersky can provide precise numbers to indicate the size of this potentially new botnet, but Kaspersky’s analysis reveals that the size of the old botnet dropped by 25% in the past two months.
It is estimated that the old botnet’s size is far smaller than initially thought, less than 10,000 computers being infected.
The new malware variant is called “Backdoor:Win32/Kelihos.B” and it appears to be based on the initial malware’s cod, but it’s slightly updated and there is no evidence to point that the botnet that was taken down previously has returned to the control of the cybercriminals.
Furthermore, it is believed that this variant is based in part on Waledac, a botnet terminated by Microsoft at the beginning of 2010, but this doesn’t come as a surprise since it’s a known fact that malware authors often utilize code from previous versions.
“Analysis of these samples and continuing observations of Kelihos-infected computers have demonstrated no known re-employment of the original Kelihos botnet by botherders,” Richard Domingues Boscovich, senior attorney at Microsoft Digital Crimes Unit said.
source and full story at: news.softpedia
No comments:
Post a Comment
Once you submit the comment, please wait for its approval. Sooner or later your comment will show up so do not comment twice.