Feds initiate dismantling of notorious Kelihos Botnet
The actions began a few days ago, after the arrest of the Russian hacker Pyotr Levashov
After the arrest of the Russian hacker Pyotr Levashov, also known as Severa, the US authorities are now trying to dismantle his massive botnet which was used to send hundreds of millions of spam emails every year.
According to a statement from the US Justice Department, an effort to take down the Kelihos botnet is being launched. The Kelihos is a global network of infected Windows systems which were utilized to carry out spam attacks advertising various fraud schemes and counterfeit drugs, but also to harvest passwords and infect devices with malware.
The announcement comes after news of Levashov’s arrest has spread. Severa was allegedly operating the botnet since 2010. He also ranks seventh on the World’s Ten Worst Spammers list, according to Spamhaus, a spam-tracking group.
“The operation announced today targeted an ongoing international scheme that was distributing hundreds of millions of fraudulent e-mails per year, intercepting the credentials to online and financial accounts belonging to thousands of Americans, and spreading ransomware throughout our networks. The ability of botnets like Kelihos to be weaponized quickly for vast and varied types of harms is a dangerous and deep threat to all Americans, driving at the core of how we communicate, network, earn a living, and live our everyday lives,” said Acting Assistant Attorney General Kenneth Blanco.
He also stated that the success in disrupting Kelihos was the result of string cooperation between private industry experts and law enforcement, as well as the use of “innovative legal and technical attacks”.
According to statement from FBI Special Agent in Charge, Ritzman, the operation against the Kelihos was initiated on the 8th of April when they started blocking malicious domains associated with the botnet to prohibit further infections.