Microsoft Pri0

Welcome to Microsoft Pri0: That's Microspeak for top priority, and that's the news and observations you'll find here from Seattle Times technology reporter Matt Day.

January 23, 2012 at 5:08 PM

Microsoft names person it believes is behind the Kelihos botnet

Microsoft has named the man it believes to be responsible for the Kelihos botnet.

In an amended complaint filed today as part of an ongoing civil suit, Microsoft is accusing Andrey N. Sabelnikov, a citizen of Russia who lives in St. Petersburg, of writing the code for, and either creating or participating in creating, the Kelihos malware. Microsoft also alleges that Sabelnikov used the malware to control, operate, maintain and grow the Kelihos botnet by, among other things, infecting innocent users’ computers.

Sabelnikov currently works on a freelance basis for a software development and consulting firm, and prior to that, worked as a software engineer and project manager at “a company that provided firewall, antivirus and security software,” according to Microsoft’s amended complaint filed in federal court in the Eastern District of Virginia.

The case stems from a civil lawsuit Microsoft filed in September after it took down the Kelihos botnet.

Botnets are networks of virus-infected computers that can send out spam or viruses. The Kelihos botnet infected at least 41,000 computers worldwide, according to Microsoft, and infected Internet users’ computers with malicious software which allowed the botnet to surreptitiously control a person’s computer and use it for a variety of illegal activities, including sending out billions of spam messages, harvesting users’ personal information (such as e-mails and passwords), fraudulent stock scams and, in some instances, websites promoting the sexual exploitation of children.

In October, Microsoft settled with two of the defendants in the case — Dominique Alexander Piatti and his company, dotFREE Group SRO.

The case against the remaining defendants — identified as John Does 1-22 — remained open. Sabelnikov is one of those John Does. He was named thanks to cooperation from Piatti and dotFREE Group SRO, and new evidence, according to an official Microsoft blog post on the issue.

Microsoft says the Kelihos botnet is now inactive but that thousands of computers are still infected with its malware, and it advises people to visit Microsoft’s virus and security solution center for information on cleaning their PCs.
