Microsoft kills Kelihos botnet

Software giant takes down a third botnet following previous successes against Waledoc and Rustock

Microsoft has announced that it has taken down the Kelihos botnet, following its previous successes in taking down the Waledec botnet last year, and the Rustock botnets in March 2011.

Botnets are groups of computers that are infected with malware enabling a cyber criminal to control that machine. This network of compromised computers is often then used to send out tens of millions of spam messages.

Richard Boscovich, senior attorney, Microsoft Digital Crimes Unit, stated that Kelihos was used for this purpose, and more.

"Kelihos infected internet users' computers with malicious software, allowing the botnet to surreptitiously control a person's computer and use it for a variety of illegal activities, including sending out billions of spam messages, harvesting users' personal information (such as emails and passwords), fraudulent stock scams and, in some instances, web sites promoting the sexual exploitation of children."

Boscovich added that Kelihos was thought to be run by the same group who were behind Waledec, and that this takedown was designed to send a message to cyber criminals.

"The Kelihos takedown is intended to send a strong message to those behind botnets that it's unwise for them to simply try to update their code and rebuild a botnet once we've dismantled it," he wrote.

"When Microsoft takes a botnet down, we intend to keep it down – and we will continue to take action to protect our customers and platforms and hold bot-herders accountable for their actions."