Researchers are tracking a new version of the Kelihos botnet, one that comes complete with better resistance to sinkholing techniques and a feature that enables it to remain dormant on infected machines for long periods to help avoid detection. The botnet also is using an advanced fast-flux capability to hide the domains it uses for command-and-control and malware distribution. The malware, known as Trojan Nap, then sets a specific parameter that will have the malware s operation timeout after 10 minutes.
Source: https://threatpost.com/new-version-kelihos-botnet-appears-021113/77509/