Microsoft names Kelihos botnet suspect

by Khidr Suleman

24 Jan 2012

Microsoft has named the suspect it believes was involved in operating the Kelihos botnet, which was shut down in September.

In an amended complaint filed with the US District Court for the Eastern District of Virginia, Microsoft alleged that Russian citizen Andrey Sabelnikov was responsible for the operations of the notorious botnet.

Sabelnikov has been accused of registering more than 3,700 "cz.cc" subdomains and using them to operate and control the Kelihos botnet, according to Richard Domingues Boscovich, senior attorney of Microsoft's digital crimes unit, writing on the Official Microsoft Blog.

"Microsoft presented evidence to the court that Sabelnikov wrote the code for and either created, or participated in creating, the Kelihos malware. Further, the complaint alleges that he used the malware to control, operate, maintain and grow the Kelihos botnet," he said.

"These allegations are based on evidence Microsoft investigators uncovered while analysing the Kelihos malware."

The firm has already settled two cases against owners whose subdomains were used to operate the botnet, after reaching a deal in November with Dominique Alexander Piatti and his company dotFree Group, a hosting firm accused of harbouring malware writers and botnet distributors.

Microsoft warned, though, that while the Kelihos botnet has been inactive since September, there are still thousands of computers infected with its malware.

"This case is certainly not over. Look for more updates as the Kelihos investigation and Microsoft's overall fight to disrupt botnets continue," Boscovich added.
