Kelihos
Description
(CrowdStrike) For several years, pump-and-dump stock scams, dating ruses, credential phishing, money mule recruitment and rogue online pharmacy advertisements were the most common spam themes. In 2017, however, Kelihos was frequently used to spread other malware such as Luminosity RAT, Zyklon HTTP, Neutrino, Nymaim, Gozi ISFB, Zeus Panda, Kronos, and TrickBot. It was also observed spreading ransomware families including Shade, Cerber, and FileCrypt2.
Names
| Name |
|---|
| Kelihos |
| Waledac |
| Hlux |
Category
Malware
Type
- Botnet
- Downloader
Information
- https://www.crowdstrike.com/blog/farewell-to-kelihos-and-zombie-spider/
- https://www.crowdstrike.com/blog/inside-the-takedown-of-zombie-spider-and-the-kelihos-botnet/
- https://www.wired.com/2017/04/fbi-took-russias-spam-king-massive-botnet/
- https://www.cyberscoop.com/doj-kelihos-botnet-peter-levashov-severa/
- https://en.wikipedia.org/wiki/Kelihos_botnet
Malpedia
- https://malpedia.caad.fkie.fraunhofer.de/details/win.kelihos
- https://malpedia.caad.fkie.fraunhofer.de/details/win.hlux
Other Information
Uuid
249447a1-e003-487a-a089-4d79aa1cde84
Last Card Change
2020-05-16