Feeds

Microsoft's Kelihos kingpin suspect: It wasn't me

Sabelnikov denies botnet herder allegation

Internet Security Threat Report 2014

The Russian man named by Microsoft as the mastermind behind the Kelihos botnet has stepped forward to plead his innocence.

Microsoft filed suit in the US last week accusing Andrey Sabelnikov, of St Petersburg, of writing the Kelihos botnet agent and maintaining the network of zombie machines created using the malware to send billions of spam messages. At its peak, the Kelihos botnet included a legion of 41,000 infected machines capable of spewing out 3.8 billion spam emails per day. The network was effectively decapitated by a Microsoft-led takedown operation targeting command & control nodes last September.

Sabelnikov, a former employee of Russian security software firm Agnitum, stepped forward late last week to insist he is "absolutely not guilty [and has] never been involved in handling botnets or any other similar programs". Sabelnikov told the BBC he was "surprised and shocked" at the accusation, adding: "I will prove my innocence."

Microsoft is standing by its accusation that "Sabelnikov wrote the code for and either created, or participated in creating, the Kelihos malware". In addition, the software giant accuses the Russian of "using the malware to control, operate, maintain and grow the Kelihos botnet".

More specifically the lawsuit alleges that Sabelnikov registered more than 3,700 "cz.cc" subdomains from Czech firm dotFREE Group before using these subdomains to operate and control the Kelihos botnet.

A personal blog post by Sabelnikov denying any involvement in the Kelihos botnet operation can be found here (in Russian). ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.