Kelihos Botnet Comes Back From The Dead As Hlux To Send Millions Of Spam Messages Once Again

Last year, Microsoft, in partnership with Kaspersky Labs, killed a powerful botnet called Kelihos, which was responsible for sending billions of spam messages on a daily basis. Recently, more information has been released about the case, as Microsoft has identified the person who was operating the botnet. Andrey N. Sabelnikov was said to be the person responsible for Kelihos. However, this may not matter at the moment, because a similar botnet is now working its “black magic” in the wild.

Although Microsoft announced that Kelihos had been killed, the malware was still present on thousands of computers worldwide. This new peer-to-peer botnet operates just like Kelihos, and it’s sending lots of spam messages in different languages daily.

It’s called Hlux, and it behaves just like Kelihos even though Microsoft and Kaspersky have shut down the IPs used by Andrey N. Sabelnikov to control the botnet. Because many computers were still infected, another attacker was able to gain control over the botnet and send millions of spam messages.

Microsoft did record an important victory last year. However, the rise of Hlux demonstrates that it’s almost impossible to remove botnets from the web. It’s even harder to kill them when they operate on P2P technology, because they use personal computers to seed themselves and receive commands through “benign channels.”

Kaspersky acknowledged the problem and said that you cannot remove a botnet completely even after getting rid of the “controller machines.” The antivirus firm said that it’s trying its best to “keep down” a botnet shut down by Microsoft in order to protect customers and their computers.

Kelihos itself is not a unique botnet, because it’s based on another botnet called Waledac. That one was also killed by Microsoft in 2010. However, an attacker managed to get his hands on active router IPs and then revived the botnet.

A Kaspersky researcher said that the only way to entirely kill a botnet is to remove it from all infected computers. According to Tillman Werner, users who think that their computer is infected can rely on the Kaspersky antivirus program and follow certain instructions on how to remove Kelihos, Hlux, or any other botnet.

Recently, Google, Facebook, Microsoft, PayPal, and other companies have formed an alliance called DMARC, which is intended to fight against phishing emails. DMARC protocols have been in place for a while now, but now that these giants are acting together, they’re hoping that email users will receive less spam in the future.


