[nsp-sec] Hlux/Kelihos p2p botnet sinkhole ... some results - part one - ACK
Helge Aksdal
helge.aksdal at telenor.com
Tue Oct 4 05:14:10 EDT 2011
Hi,
* Wim Biemolt (2011-10-03 22:25):
>
> Dear all,
>
> Attached part one (asn <= 12334) of the hosts that showed up on the
> Hlux/Kelihos p2p botnet sinkhole. The machines are all infected with
> the Hlux bot and should be cleaned. The timestamps are in GMT, with
> nanosecond resolution.
>
> Credit goes to Kaspersky for running the sinhole. Much more details:
>
> http://www.securelist.com/en/blog/208193137/Botnet_Shutdown_Success_Story_How_Kaspersky_Lab_Disabled_the_Hlux_Kelihos_Botnet
Thanks! ACK for 2119, and proxy ACK for 8448, 9158 and 15397.
--
Helge Aksdal
Telenor
More information about the nsp-security
mailing list