Microsoft settles botnet case with Czech dotFree group
Having started legal proceedings last month against Dominique Alexander Piatti, the Czech dotFree Group s.r.o. and twenty-two others, Microsoft has announced on its blog that it has settled with Piatti and his company, as it now believes that they were not involved in the control or operation of the Kelihos botnet. Piatti and dotFree Group have in fact cooperated with Microsoft and have either handed over to Microsoft or deleted the subdomains that were used to operate the botnet. The lawsuit against the 22 "John Does", however, remains open. These were unknown people associated with the IP addresses and domains allegedly involved in the command and control of Kelihos.
In the blog post, Richard Boscovich, Microsoft's Senior Attorney from the Digital Crimes Unit, explained that the controllers of the botnet had made use of the subdomain services provided by Piatti's cz.cc domain. He added that Piatti and dotFree Group will continue working with Microsoft to develop best practices that will help prevent the abuse of free subdomains, such as those provided by dotFree.
On its site, dotFree describes the recent involvement with Microsoft: "The controllers of the Botnet found a way to abuse a popular free subdomain provider (http://cz.cc also developed by dotFree's founders), and were using those domains as a part of their operations." The write-up continues: "As a provider of free service we were always concerned by the potential for abuse, and learned (sometimes the hard way) that security should never be underestimated. No one wants to be handed a thick binder by a stranger at your nearby coffee shop saying 'Microsoft is suing you'."
The company says it is pleased that Microsoft will continue the relationship, helping to construct best practices for free domains in general and the .free top level domain that is proposed and supported by the dotFree Group.
- Microsoft takes legal action against botnet, a report from The H.