Last September, I shared that Microsoft, Kaspersky and Kyrus Inc. took action against the Kelihos botnet, the first case in which Microsoft named a defendant in one of its civil cases involving a botnet. In January, based on new evidence in the case, Microsoft amended its original complaint and named Andrey N. Sabelnikov, a Russian software programmer, as a new defendant in the lawsuit. Today, I am pleased to say we have reached an agreement with Mr. Sabelnikov, and have officially settled and closed the Kelihos botnet case.

Late last week, Microsoft and Andrey Sabelnikov agreed to the following joint statement, which closed the case:

“Microsoft and St. Petersburg software programmer Andrey Sabelnikov have entered into a Settlement Agreement in the matter of Microsoft v. Sabelnikov. During the negotiations, after reviewing the evidence provided by Microsoft and engaging in discussions, the parties have come to an understanding that Mr. Sabelnikov wrote code that was used in the Kelihos botnet code, but the programmer is not the operator of the botnet or involved in its activities. After a review and understanding of all of the details of the case, the parties were able to enter into a confidential settlement agreement in this matter, which resolves the dispute between the parties.”

The identification of the code developer and the subsequent evidence compiled in this case allowed us to collect important intelligence and data on how botnets are built and how cybercriminals are able to access the code used to build them. This information is key to our future botnet investigations and you can be assured that we will continue to take action against cybercriminals in order to protect our customers and services.

For updates on Microsoft’s ongoing work to combat digital crime, follow the Digital Crimes Unit on Facebook and Twitter.

Posted by Richard Domingues Boscovich
Assistant General Counsel, Microsoft Digital Crimes Unit