Researchers: Kelihos returns with more sufficient functions

Kaspersky researchers have discovered a more sufficient version of the infamous Kelihos botnet, which operates in the wild. It is knows that Kelihos comes with better resistance to sinkholing techniques.

The new version of the botnet has capabilities that make it harder for experts to find the command and control servers.

The malware distributed by Kelihos was discovered by security firm FireEye last week and was identified as Nap Trojan.

“Once the malicious code is on a machine, it calls out to a domain in Russia. The malware, known as Nap Trojan, then sets a specific parameter that will have the malware's operation timeout after 10 minutes”, wrote David Fisher, an expert from Kaspersky’s Lab.

The functions of the new version of Kelihos botnet include: stealing passwords saved in browsers, sending spam, stealing passwords from various FTP applications and stealing BitCoin data.

It is worth noting that the discovered variant is the third version of Kelihos uncovered by researchers. Two previous versions were taken down by Microsoft in 2011 and 2012.