Russian programmer refutes Microsoft's Kelihos botmaster accusations

A Russian security researcher accused by Microsoft of creating one of the internet's largest botnets has denied any involvement with the system.

Last week, Microsoft named programmer Andrey Sabelnikov as the person behind the infamous Kelihos botnet – which is reputed to have comprised of 41,000 infected machines and was used to churn out torrents of spam.

But Sabelnikov, a former employee of Russian anti-virus firm Agnitum, has issued a strong rebuttal denying the claims.

"I did not commit this crime, [I have] never participated in the management of botnets," he wrote in a blog post in Russian.

"I want to emphasise that I do not have any relation to the activities Kelihos and spam."

Sabelnikov said he first learned of the accusations on arriving in the US on 21 January, as part of a business trip.

As a result of the accusations, Sabelnikov said he felt compelled to return to Russia, as he was not able to afford a US lawyer.

Microsoft had added Sabelnikov's name to a case against the perpetrators of the Kelihos botnet being heard by the US District Court for the Eastern District of Virginia, making him only the second out of 24 defendants to be named.

The papers filed by Microsoft claimed Sabelnikov "wrote the code for and either created, or participated in creating, the Kelihos malware".

The crooks operating the Kelihos botnet had used it to help steal sensitive financial information, run pump-and-dump stock scams and launch distributed denial of service attacks.

Last September, Microsoft, in conjunction with anti-virus firm Kaspersky Labs and US law enforcers, launched a major operation to take down the Kelihos botnet.

Microsoft had since settled two Kelihos-related cases against owners whose domains were used to operate the botnet.