Security IT

Researchers Say Kelihos Gang Is Building New Botnet

alphadogg writes "The cyber-criminal gang that operated the recently disabled Kelihos botnet has already begun building a new botnet with the help of a Facebook worm, according to security researchers from Seculert. Security experts from Kaspersky Lab, CrowdStrike, Dell SecureWorks and the Honeynet Project announced that they took control of the 110,000 PC-strong Kelihos botnet on Wednesday using a method called sinkholing. That worm has compromised over 70,000 Facebook accounts so far and is currently distributing a new version of the Kelihos Trojan."
This discussion has been archived. No new comments can be posted.

  • Comment removed (Score:5, Insightful)

    by account_deleted ( 4530225 ) on Sunday April 01, 2012 @07:04PM (#39544147)
    Comment removed based on user account deletion
  • by mspohr ( 589790 ) on Sunday April 01, 2012 @07:12PM (#39544195)

    Another reason I'm glad I don't use Facebook or Windows.

  • by SJHillman ( 1966756 ) on Sunday April 01, 2012 @07:22PM (#39544243)

    As a previous poster pointed out, trojans care not if it's Windows, Linux, Mac OSX or BSD because the user is the weak link, not the OS. All you need is 1) a trojan for that OS and 2) a user that gives the trojan permissions - most infections I've come across on Windows lately do not have administrator permissions unless the user does. Likewise, Facebook isn't so much the weak link as users are because they'll click on anything.

  • by Anonymous Coward on Sunday April 01, 2012 @07:23PM (#39544249)

    Linux isn't some magic bullet that is immune to trojans

    repeat after me, Linux is the kernel, Linux is the kernel, Linux is the kernel, Linux is the kernel, Linux is the kernel, Linux is the kernel, Linux is the kernel, Linux is the kernel, Linux is the kernel

    as long as whatever happens to be the payload can access user's files and see what the user does and can make network connections that's all it needs

    How do you pretend to deliver that payload exactly? Heck, every Linux distribution out there is totally different from the others, they have different ABIs (elibc, glibc, uclibc), different kernel versions which are also patched differently. They run different window managers and different desktop environments. People running Linux are also more educated.

    So yeah, I have yet to see a malicious ELF executable being distributed on Facebook - LOL!

  • by monkeyhybrid ( 1677192 ) on Sunday April 01, 2012 @07:48PM (#39544437)

    How do you pretend to deliver that payload exactly? Heck, every Linux distribution out there is totally different from the others, they have different ABIs (elibc, glibc, uclibc), different kernel versions which are also patched differently. They run different window managers and different desktop environments. People running Linux are also more educated.

    And nearly all will run bash, python and perl scripts. A malicious payload doesn't have to be a compiled binary.
