Kelihos botnet lawsuit: Microsoft backpedals
Microsoft has settled its complaint against software programmer Andrey N Sabelnikov. In late January this year, the company accused the young Russian citizen of being one of the Kelihos botnet operators. A new joint statement has now clarified that the St. Petersburg-based programmer was only responsible for some of the code that was later used as part of the Kelihos botnet.
This was the first case in which Microsoft filed a complaint against identifiable individuals as potential botnet operators. Although these accusations have now been dropped, Microsoft draws a positive conclusion. "The identification of the code developer and the subsequent evidence compiled in this case allowed us to collect important intelligence and data on how botnets are built and how cybercriminals are able to access the code used to build them", said Richard Boscovich, Microsoft's Senior Attorney from the Digital Crimes Unit, on the company's blog. In 2011, Sabelnikov released a public statement (Google translation) in which he rejected Microsoft's allegations.
Another named defendant in the Kelihos botnet case was Dominique Alexander Piatti. The allegations against Piatti were withdrawn in October 2011 following successful settlement negotiations. Now, Microsoft is only investigating several "John Does" as the botnet operators.
The company has tried to take legal action against botnets for some time. The Zeus botnet, as well as the Waledac botnet, have already felt the effects of this approach. According to Microsoft, the Kelihos botnet, aka "Waledac 2.0", has been inactive since it was taken down in September 2011, but thousands of computers continue to be infected with the malware. The botnet sent out spam and harvested user data such as email addresses and passwords. Allegedly, it also advertised child pornography web sites.