News Item

Kelihos Botnet Sucked into Netherlands Sinkhole

By: Nick Clayton, The Wall Street Journal

Botnets are particularly insidious, using thousands of virus-infected computers which their owners are unaware are being used for sending out spam, launching denial-of-service attacks and stealing data.

But taking down a botnet poses challenges. The main problem is that legitimate security companies can’t use the same type of weapons as criminals.

When the last Kelihos botnet was shut down in October 2011, for instance, researchers discovered the way the botnet updated itself. An obvious solution would have been to use this knowledge to clean thousands of infected machines remotely. But, to do that without the explicit permission of computer owners would have been as illegal as the activities of the botnet’s controllers.

Read more...