The Kelihos botnet is one of the larger botnets (an estimated 50,000+ infected devices) to have been brought down – in this case by the US federal government with assistance from Microsoft. A botnet is a network of devices that have been infected and brought under the control of an attacker – though not necessarily total control. Botnets leverage their large number of devices to overwhelm the defenses of their targets, whether through attempts to break security or a DDoS attack.
Taking down botnets can be difficult, as eliminating a single infected device, or even hundreds, can have a negligible effect on the botnet. Botnets also tend to grow constantly, as each infected device reaches out to other devices in its network; this is especially true when Internet of Things devices are involved.
A Russian man, Oleg Koshkin, was convicted of assisting the Kelihos botnet by selling encryption software that allowed the underlying malware to slip through the detection and security systems of its victims. His sentencing is due in July, and he may face up to 12 years in prison for his involvement with Kelihos. Koshkin is not the only individual charged with aiding Kelihos – there is also Pavel Tsurkan, who is currently being tried.