Kelihos, Waledac and Storm malware believed to have same author
by Zeljka Zorz - Thursday, 3 November 2011.
Bookmark and Share
The recent takedown of the Kelihos botnet by Microsoft has received a lot of attention, despite the fact that the botnet is rather small (around 41,000 computers located worldwide).

The reason behind this is that it was the first time that a defendant was named in the suit filed by Microsoft and was notified of the action.

According to Microsoft, the Kelihos botnet is thought to be an attempt to rebuild the Waledac botnet. Having analyzed the code of the Kelihos malware, Pierre-Marc Bureau, senior malware researcher at antivirus company ESET, posits that its author is the same person (or group of people) who has developed the Storm worm and the Waledac malware.

In this podcast recorded at Virus Bulletin 2011, he talks about how tracking malware authors' evolving skills can help security professionals and companies fight cybercrime. He also shares the specific discoveries that lead him the aforementioned conclusions about the authorship of the Kelihos, Waledac and Storm malware.

Press the play button below to listen to the podcast:



Pierre-Marc Bureau is responsible of investigating trends in malware and finding effective techniques to counter these threats. Prior to joining ESET, he worked for a network security company where he was senior security analyst.

Pierre-Marc Bureau finished his Master degree in computer engineering at Ecole Polytechnique of Montreal in 2006. His studies focused mainly on the performance evaluation of malware. He has presented at various international conferences including Recon, Infosec, and Virus Bulletin. His main interests lie in reverse engineering, application and network security.

Spotlight

Critical vulnerabilities in web-based password managers found

Posted on 14 July 2014.  |  Researchers have analyzed five popular web-based password managers and have discovered - and then responsibly reported - vulnerabilities that could allow attackers to learn a userís credentials for arbitrary websites.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Jul 14th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //