Justice Department Takes Aim at Kelihos Botnet

DOJ redirects botnet, shares IP addresses with ISPs
Author:
Publish date:
Social count:
0
Security.jpg

The government is collecting IP addresses of some home computers and sharing them with ISPs, but it is for a good cause: helping dismantle the Kelihos botnet.

The Justice Department announced Monday an effort to dismantle the botnet, which has infected tens of thousands of computers worldwide, using them to harvest log-ins, distribute spam emails by the millions, install ransomware and more.

In an effort to "liberate" the computers of victims—the botnet is designed to operate automatically and undetected—Justice got a warrant to redirect those infected computers to its own substitute server, record the IP addresses of those computers and share them with ISPs and others who could help disinfect them.

"The Government has and will continue to share samples of the Kelihos malware with the internet security community so that antivirus vendors can update their programs to detect and remove Kelihos," Justice said.

Related