Skip to main content

Justice Department Takes Aim at Kelihos Botnet

The government is collecting IP addresses of some home computers and sharing them with ISPs, but it is for a good cause: helping dismantle the Kelihos botnet.

The Justice Department announced Monday an effort to dismantle the botnet, which has infected tens of thousands of computers worldwide, using them to harvest log-ins, distribute spam emails by the millions, install ransomware and more.

In an effort to "liberate" the computers of victims—the botnet is designed to operate automatically and undetected—Justice got a warrant to redirect those infected computers to its own substitute server, record the IP addresses of those computers and share them with ISPs and others who could help disinfect them.

"The Government has and will continue to share samples of the Kelihos malware with the internet security community so that antivirus vendors can update their programs to detect and remove Kelihos," Justice said.

Contributing editor John Eggerton has been an editor and/or writer on media regulation, legislation and policy for over four decades, including covering the FCC, FTC, Congress, the major media trade associations, and the federal courts. In addition to Multichannel News and Broadcasting + Cable, his work has appeared in Radio World, TV Technology, TV Fax, This Week in Consumer Electronics, Variety and the Encyclopedia Britannica.