Kelihos, Waledac and Storm malware believed to have same author
by Zeljka Zorz - Thursday, 3 November 2011.
The recent takedown of the Kelihos botnet by Microsoft has received a lot of attention, despite the fact that the botnet is rather small (around 41,000 computers located worldwide).

The reason behind this is that it was the first time that a defendant was named in the suit filed by Microsoft and was notified of the action.

According to Microsoft, the Kelihos botnet is thought to be an attempt to rebuild the Waledac botnet. Having analyzed the code of the Kelihos malware, Pierre-Marc Bureau, senior malware researcher at antivirus company ESET, posits that its author is the same person (or group of people) who has developed the Storm worm and the Waledac malware.

In this podcast recorded at Virus Bulletin 2011, he talks about how tracking malware authors' evolving skills can help security professionals and companies fight cybercrime. He also shares the specific discoveries that lead him the aforementioned conclusions about the authorship of the Kelihos, Waledac and Storm malware.

Press the play button below to listen to the podcast:

Pierre-Marc Bureau is responsible of investigating trends in malware and finding effective techniques to counter these threats. Prior to joining ESET, he worked for a network security company where he was senior security analyst.

Pierre-Marc Bureau finished his Master degree in computer engineering at Ecole Polytechnique of Montreal in 2006. His studies focused mainly on the performance evaluation of malware. He has presented at various international conferences including Recon, Infosec, and Virus Bulletin. His main interests lie in reverse engineering, application and network security.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Tue, Feb 9th