The Kelihos botnet was taken over and destroyed in September 2011 in a joint effort under the supervision of Microsoft and Kaspersky Lab. Distribution of malware through the botnet was stopped by shutting down the C&C server and letting the bots connect to a sinkhole instead. However, a Help Net Security report of February 03, 2012 indicates that the botnet has been revived.
New variants of the malware were detected immediately after the botnet reappeared. The malware has been publicly verified, and this time the spammers are using an updated encryption mechanism and updated keys to conceal the bots' communication with the C&C server.
In the case of the Kelihos peer-to-peer botnet, Kaspersky researchers are after a new peer address, which the existing infected PCs contact for instructions.
...