Microsoft Reaches Settlement with Russian Programmer in Kelihos Botnet Case

Back in January 2012, Microsoft officially named Russian national Andrey N. Sabelnikov as one of the individuals involved in the Kelihos botnet case. Now, the Redmond company and the programmer have come to an agreement and the civil case has been closed.

The Kelihos botnet was disrupted back in September 2011 by Kaspersky, Microsoft and Kyrus Inc. Ever since, Microsoft has been trying to locate the individuals responsible for running the botnet and bring them to justice.

From the start, Sabelnikov has denied being involved in operating Kelihos, and last week he managed to convince the company as well.

“Microsoft and St. Petersburg software programmer Andrey Sabelnikov have entered into a Settlement Agreement in the matter of Microsoft v. Sabelnikov,” the joint statement reads.

It continues, “During the negotiations, after reviewing the evidence provided by Microsoft and engaging in discussions, the parties have come to an understanding that Mr. Sabelnikov wrote code that was used in the Kelihos botnet code, but the programmer is not the operator of the botnet or involved in its activities.

“After a review and understanding of all of the details of the case, the parties were able to enter into a confidential settlement agreement in this matter, which resolves the dispute between the parties.”

Basically, Sabelnikov didn’t have anything to do with the botnet, but the botmasters used a piece of code he wrote.

Although the botnet’s actual operators have not been prosecuted or identified, the company is confident that the information it has gathered during the investigation will significantly contribute to future operations.

According to Richard Domingues Boscovich, assistant general counsel at Microsoft Digital Crimes Unit, they have learned not only how a botnet is built, but also how cybercriminals get their hands on the code that’s utilized to build one.