Microsoft and Kaspersky Lab have denied that the Kelihos botnet, also known as Hlux, spam has returned after having been disabled by Microsoft and Kaspersky Lab in September last year.
The botnet had infected about 41,000 computers, which used for sending 3.8 billion spam messages each day. Microsoft and Kaspersky Lab halted the malicious activity of this network to make computers zombies begin to ask for orders to a server controlled by security companies, instead of the malicious server from cyber criminals.
Some media, based on a publishing analyst Maria Garnaeva Kaspersky reported that the botnet was back to work. But both Microsoft and Kaspersky Lab soon clear that the article concerned Garnaeva Kelihos variants, not the botnet was deactivated in September.
“The botnet that disconnect is under control and infected computers are not receiving orders from central command and control (C & C), so we are not sending spam. But new models, who are watching, spammers continue to receive orders and sending spam. This means that we are facing another botnet. “
Dominguez Richard Boscovich, a lawyer for the Digital Crimes Unit at Microsoft, supported Kaspersky: “Contrary to what some reports, Kaspersky and Microsoft have not seen anything to indicate that the boot was disconnected in September has again been controlled by cyber criminals or is sending spam.”