Microsoft concludes Russian programmer didn’t operate Kelihos botnet

Following the settling of the Nitol botnet lawsuit earlier this month, Microsoft has announced on Friday that it has reached a settlement with Russian software programmer Andrey N. Sabelnikov, who was named earlier this year as one of the defendants in its Kelihos case.

Less than a month after the botnet’s shutdown Microsoft has dropped the suit against the Kelihos botnet domain provider. Sabelnikov was added as a defendant in the case in January.

At the time, Microsoft believed that Sabelnikov had written the code for and either created, or participated in creating, the Kelihos malware, and used the malware to control, operate, maintain and grow the Kelihos botnet.

Now, less than eight months later, Microsoft has apparently been satisfied with the evidence presented and considers Sabelnikov to be innocent of the accusations first brought against him.

“During the negotiations, after reviewing the evidence provided by Microsoft and engaging in discussions, the parties have come to an understanding that Mr. Sabelnikov wrote code that was used in the Kelihos botnet code, but the programmer is not the operator of the botnet or involved in its activities. After a review and understanding of all of the details of the case, the parties were able to enter into a confidential settlement agreement in this matter, which resolves the dispute between the parties,” shared Richard Boscovich, Assistant General Counsel in the Microsoft Digital Crimes Unit.

The Kelihos botnet case is now closed, even though we are none then wiser about who was actually behind it. Hopefully Microsoft is continuing the investigation and get to the bottom of the matter.

In the meantime, the evidence they managed to amass so far has taught the investigators and researchers about how botnets are built and how cybercriminals are able to access the code used to build them.