Microsoft Names Developer Behind The Kelihos Spam Botnet

Microsoft has officially named a former employee of a Russian antivirus software firm as the suspect behind the Kelihos botnet attacks. The man was identified as Andrey Sabelnikov of St Petersburg, in a Microsoft legal filing.

According to Microsoft, Sabelnikov was the creator of the Kelihos botnet and used the software to control, operate, maintain and grow the botnet by, among other things, infecting innocent users’ computers.

Former Cyber Security Staffer

The “defendant currently works on a freelance basis for a software development and consulting firm”, wrote Microsoft in its legal filing, and pointed out that he used to work for an anti-virus firm.

“Prior to his current employment, defendant worked as a software engineer and project manager at a company that provided firewall, antivirus and security software. Defendant has a degree from the Department of Computer Systems and Programming, St Petersburg State University of Aerospace Instrument Engineering,” the filing claimed.

Microsoft has previously alleged that Dominique Alexander Piatti and his company DotFree Group SRO, along with 22 John Does (unknown persons), are also behind the botnet, which Microsoft closed down in September last year.

Richard Boscovich, senior attorney for Microsoft’s Digital Crimes Unit, explained in a blog post that Microsoft had reached a settlement with Piatti and DotFree in October and that, thanks to their co-operation and new evidence, the finger of blame had been firmly pointed at Sabelnikov.

“Microsoft is committed to following the evidence, wherever it leads us through the investigation, in order to hold Kelihos’ operators accountable for their actions. We believe this is important both because of the harm caused by Kelihos and because all botnet operators should understand that there are risks and consequences for engaging in malicious activity,” Boscovich wrote.

“We also remain committed to taking what we learn from takedown operations such as these to help better arm the ‘good guys’ in protecting people from the threat,” he added.

Russian Pressure

The public naming and shaming of a Russian Federation citizen comes at a time when many technology firms are hoping to pressure the Russian authorities to tackle their homegrown cybercriminals.

Earlier this month, for example, Facebook published the names of five Russian men it believes are part of the Koobface gang, whose malware has made the group millions of pounds. The company hoped that the public exposure would force the Russian authorities to investigate the group members, who live a comfortable lifestyle in St Petersburg and have been known to Facebook since 2008.

And it seems that some Russian action is being taken. Russian investigators probing a fake pharmaceutical spam operation, for example, recently said that clues and details about the Cutwail botnet and its creator had been discovered in chat logs. Whether this signals a committed Russian intent to clamp down on cyber crime remains to be seen.

Meanwhile, spam levels have been on the slide for a while now. Just before Christmas, security researchers warned that criminals are not replacing botnets but are instead turning to more targeted attacks.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...
