Microsoft Pri0

Welcome to Microsoft Pri0: That's Microspeak for top priority, and that's the news and observations you'll find here from Seattle Times technology reporter Matt Day.

January 23, 2012 at 5:08 PM

Microsoft names person it believes is behind the Kelihos botnet

Microsoft has named the man it believes to be responsible for the Kelihos botnet.

In an amended complaint filed today as part of an ongoing civil suit, Microsoft is accusing Andrey N. Sabelnikov, a citizen of Russia who lives in St. Petersburg, of writing the code for, and either creating or participating in creating, the Kelihos malware. Microsoft also alleges that Sabelnikov used the malware to control, operate, maintain and grow the Kelihos botnet by, among other things, infecting innocent users’ computers.

Sabelnikov currently works on a freelance basis for a software development and consulting firm, and prior to that, worked as a software engineer and project manager at “a company that provided firewall, antivirus and security software,” according to Microsoft’s amended complaint filed in federal court in the Eastern District of Virginia.

The case stems from a civil lawsuit Microsoft filed in September after it took down the Kelihos botnet.

Botnets are networks of virus-infected computers that can send out spam or viruses. The Kelihos botnet infected at least 41,000 computers worldwide, according to Microsoft. Its malicious software allowed the botnet to surreptitiously control a person’s computer and use it for a variety of illegal activities, including sending out billions of spam messages, harvesting users’ personal information (such as e-mails and passwords), fraudulent stock scams and, in some instances, websites promoting the sexual exploitation of children.

In October, Microsoft settled with two of the defendants in the case — Dominique Alexander Piatti and his company, dotFREE Group SRO.

The case against the remaining defendants — identified as John Does 1-22 — remained open. Sabelnikov is one of those John Does. He was named thanks to cooperation from Piatti and dotFREE Group SRO, and new evidence, according to an official Microsoft blog post on the issue.

Microsoft says the Kelihos botnet is now inactive but that thousands of computers are still infected with its malware, and it advises people to visit Microsoft’s virus and security solution center for information on cleaning their PCs.
