The creators of Kelihos botnet develop wings. Their tool, which has been operating for years, has recently tripled its size. The botnet authors intend to use it to distribute ransomware and banking trojans.
In 2008, cyber security experts discovered a new botnet called Kelihos. It was not a big threat to computer owners, since its operation was limited to sending large amounts of spam. However, the anti-spam filters are becoming more and more perfect, so Kelihos’s effectiveness has begun to diminish.
Its creators do not intend to end the activity. MalewareTech, the company that manages the Botnet Tracker project tracking all existing botnets, claims Kelihos developers have switched to more lucrative distributions of ransomware and banking trojans.
By the end of June, the botnet started distributing Wildfire ransomware. At the same time, he began to grow in strength. So far Kelihos consisted of 8,000 computers and this number was essentially constant. However, when botnet creators changed their business profile, its size began to grow. Between 9 and 11 July, the number of computers under his control increased to 13,000. However, the largest increase was recorded on 22 August, when in a few hours the number of computers increased to 36 thousand.Tweet