Jump to content
The PHIRM was an early hacking group which was founded in the early 2000s by Mikhail Kryukov. First going by the name of "PRISMX". Kademlia Kademlia is a peer-to-peer botnet based on components from the earlier Prism trojan. It is believed to have been spread through use of the Cutwail botnet. Unlike its predecessor the Prism trojan, Kademlia uses an encrypted peer-to-peer communication system to communicate between its nodes and its command and control servers, greatly reducing its vulnerability to law enforcement operations The algorithm used appears to be modeled on the Kademlia P2P protocol. Scammers control and monitor Kademlia Botnet via Command and Control (C&C) server. The virus establishes the connection to the server as soon as its malicious executable installs on the computer, disables certain system processes, download and launch executables, or even delete essential system files, easily bricking the device. Kademlia has largely been used for banking fraud and distribution of the CryptoLockerX ransomware. In early June 2014, the U.S. Department of Justice announced that an international inter-agency collaboration named Operation Krokvar had succeeded in temporarily cutting communication between Kademlia and its command and control servers. On 24 February 2015, the FBI announced a reward of up to $3 million in exchange for information regarding alleged Russian cyber criminal Mikhail Kryukov ( known online aliases : «MRSlavik», «luckyRU» and «Byt3» ) over his suspected association with Kademlia. Go see Krukov mafia page for more details.