Researchers Say Kelihos Gang Is Building New Botnet

Posted by samzenpus
from the look-who's-back dept.
alphadogg writes "The cyber-criminal gang that operated the recently disabled Kelihos botnet has already begun building a new botnet with the help of a Facebook worm, according to security researchers from Seculert. Security experts from Kaspersky Lab, CrowdStrike, Dell SecureWorks and the Honeynet Project announced that they took control of the 110,000 PC-strong Kelihos botnet on Wednesday using a method called sinkholing. That worm has compromised over 70,000 Facebook accounts so far and is currently distributing a new version of the Kelihos Trojan."

  • by Anonymous Coward on Sunday April 01, 2012 @06:08PM (#39544167)

    I'm surprised very few infected clients are Vista. Any particular reason for that?

  • by mspohr (589790) on Sunday April 01, 2012 @06:12PM (#39544195)

    Another reason I'm glad I don't use Facebook or Windows.

    • by SJHillman (1966756) on Sunday April 01, 2012 @06:22PM (#39544243)

      As a previous poster pointed out, trojans care not if it's Windows, Linux, Mac OSX or BSD because the user is the weak link, not the OS. All you need is 1) a trojan for that OS and 2) a user that gives the trojan permissions - most infections I've come across on Windows lately do not have administrator permissions unless the user does. Likewise, Facebook isn't so much the weak link as users are because they'll click on anything.

      • by Charliemopps (1157495) on Sunday April 01, 2012 @06:30PM (#39544287)
        If thieves only targeted a certain model of car because it was very popular and therefore the parts valuable (which is actually the case) you would still be doing yourself a favor by avoiding that model of car, even if you were diligent about where you parked it and buying a security system for it.
      • by mspohr (589790) on Sunday April 01, 2012 @06:41PM (#39544383)

        So why does this only infect Windows? Are Linux and Mac users smarter? Are all Facebook users incredibly stupid? Do only Linux and Mac users realize that it's stupid to type in your password for some random software? Are only Windows users smart enough to remember their administrator passwords? Does god hate Windows? Do the people who write trojans hold a particularly low opinion of Windows users? Are they trying to educate Windows users? Is that possible? I know a few Windows users and they don't seem that stupid. Some of my best friends use Windows but they don't have a clue about this "administrator" stuff. Should we try to explain it to them or just charge them money to clean up their computers? I think that after that whole thing with the Greeks and Trojans that people should be on to them by now... I mean it's been like thousands of years. I really don't want to believe that Windows users are stupid, I'd rather blame Microsoft. Mac and Linux don't seem to have these problems with Greeks and Trojans and stupid users...

        • by grcumb (781340) on Sunday April 01, 2012 @08:40PM (#39545119) Homepage Journal
          I have mod points, but tragically there's no +1 troll option.
        • So why does this only infect Windows? Are Linux and Mac users smarter?

          I suspect that there are a few reasons for targeting Windows.

          1. Low-intelligence users (who also tend to have reduced spending power) gravitate to cheap available pre-built hardware running the default OS. That points to Windows.
          2. Windows was historically bad at security, so blackhats gained a lot of experience there. This has got to be a major factor and it can't be helped now.
          3. Windows is much better at security now, but Microsoft hasn't quite got the usability of security right. There are just a few too many security-related confirmation dialogs popping up that users are still not quite careful enough about it.

          Overall, it's a bunch of small stuff and things that just happened that way that adds up in combination to a problem.

          Are all Facebook users incredibly stupid?

          There are lots of Facebook users due to their (FB's) extensive market penetration; enough of the users are incredibly stupid (or at least duped by automated "social" tricks) to make it worthwhile targeting them.

          Look, the real problem is that some people are incredibly stupid. For as long as that's true, there will be criminal scum who try to make a living by duping them. It's been happening for thousands of years (there must've been confidence tricksters in ancient Sumeria) and the use of computers and the internet is just the latest manifestation. Since you can't fix stupid (except by removing all the warning labels from things) we're stuck with running after the criminals to stop them.

      • by Tom (822) on Monday April 02, 2012 @06:14AM (#39547293) Homepage Journal

        As a previous poster pointed out, trojans care not if it's Windows, Linux, Mac OSX or BSD because the user is the weak link, not the OS.

        True in theory.

        Real life begs to differ, though. Geeks regularly forget about real life. In your head, your password policy grants your users great passwords at a theoretical complexity of 10^18. In real life, the actual complexity is closer to 10^7 due to patterns.

        Same with the trojans and other malware. Yes, theoretically some classes of malware could be just as easily targeted on OS X or Linux. In reality, though, OS X has about 15% market share and less than 1% virus share, while Linux has 5% market share and much less than 1% virus share.

        Speculations about whether that's for reasons of technology, psychology or ROI may be interesting, but the simple facts are that the number of known malwares for all non-windows OSes combined doesn't even register as a rounding error in the count of windows malware, and does not even remotely resemble the respective market shares.

      • by Anonymous Coward on Monday April 02, 2012 @09:44AM (#39548741)

        Your "anything" link doesn't work! I have clicked it like 10 times, and nothing happens!

  • by Anonymous Coward on Sunday April 01, 2012 @06:42PM (#39544391)

    seems prime for that.. with the average smart user there having the i.q. of a 90s aol'er.

  • Anonymous (Score:3, Funny)

    by Anonymous Coward on Sunday April 01, 2012 @07:25PM (#39544721)

    We all knew Anonymous would strike again. Why aren't the authorities doing something about these criminals?

    Maybe what we need to do is make it so that nobody can access the internet without supplying a sample of their DNA. And then make it so that all communications from the user to the internet are logged in an extremely verbose manner, and have a system of spy networks at the ready to detect subversive behavior. The governments could intentionally put things like porn or questionable books like Fahrenheit 451, 1984, or The Diary of Anne Frank on the internet and then arrest civilians when they try to access them.

    I wish I were in a position of power where I could institute a program like that in the United States of America. For too long we have strayed from the Lord's Path, and we need a true leader to bring this country back in the right direction.

  • by Anonymous Coward on Monday April 02, 2012 @09:51AM (#39548823)

    Pro-Microsoft 7 digits IDs who have infested /. are playing apologists once again.

    Geez astroturfing shills give us a break: stop feeling so insecure about your insecure Windows. We (desktop Linux users) do not even represent 2% of the desktop market. We're not going to conquer anytime soon your (stupid) user base.

    It has been mentioned that the big variety of Linux kernels / distros / browsers was making life much harder to some would be bot-author that would dream of writing a Linux bot.

    Then there's also the documented fact that any remote user exploit on any Windows system means remote admin rights (what was the last super SNAFU for MS: any "remote desktop enabled" Windows could be "root'ed" right!? I know, I know, the term "rooting" comes from "root" from the Un*x world, so if the term comes from the Un*x world it means Un*x systems are more vulnerable no?!).

    The logic and arguments of these M$ shills is saddening.

    Thankfully they're fighting the wrong battle: we're moving away from the desktop apps to the browsers apps and they're totally missing that.

    They keep hanging to their last delusion: that the desktop will continue to matter.

    Good luck M$ shills: you're not fighting desktop Linux or OS X. You're fighting Android and iOS and you're in for a reality check.
