Researchers from Kaspersky Lab recently took down the Kelihos botnet for the second time in six months.
"Microsoft and Kaspersky worked together in September, 2011, on the first Kelihos take-down," writes Threatpost's Brian Donohue. "The bot then resurfaced in January only to be shut down again this month by a combination of private firms including Kaspersky, Dell SecureWorks and CrowdStrike, Inc."
"Kaspersky Lab said it will 'sinkhole' the botnet -- taking control of the botnet's command and control servers and preventing them from distributing any more malicious content," Donohue writes. "While the private firm does not have the legal authority to sanitize infected machines, Kaspersky will contact the Internet service providers (ISPs) whose customers are infected, and hope they take action."
Go to "Kaspersky Knocks Down Kelihos Botnet Again, But Expects Return" to read the details.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.