Microsoft reaches settlement with Kelihos botnet suspectBy Matthew DeCarlo
Microsoft has reached a settlement with the man named in last month's botnet sting. In September, Redmond incapacitated a medium-sized botnet dubbed Kelihos that controlled some 41,000 machines and was capable of sending 3.8 billion spam emails per day. Although it was smaller than Rustock or Waledac (other botnets Microsoft has disabled), Kelihos represented a milestone in the company's efforts: it managed to name a suspect in its suit.
Dominique Alexander Piatti of the Czech Republic was identified and served as a potential participant in Kelihos' operation. It was alleged that Piatti and 22 John Does used his free domain service dotFree Group to operate and control the botnet -- namely with "cz.cc" domains -- but it seems Piatti wasn't as involved as Microsoft originally thought. The settlement dropped charges against Piatti and his domain business, clearing them of any wrongdoing.
"Since the Kelihos takedown, we have been in talks with Mr. Piatti and dotFree Group s.r.o. and, after reviewing the evidence voluntarily provided by Mr. Piatti, we believe that neither he nor his business were involved in controlling the subdomains used to host the Kelihos botnet," Microsoft attorney Richard Domingues Boscovich said. "Rather, the controllers of the Kelihos botnet leveraged the subdomain services offered by Mr. Piatti's cz.cc domain."
As part of the settlement, Piatti agreed to delete or forfeit any subdomains used to operate Kelihos or any other illegitimate purposes. He will also coordinate with Microsoft to create and implement measures that prevent the abuse of free subdomains, which will establish a secure free Top Level Domain. "Mr. Piatti and dotFree Group will continue to work with Microsoft to become a role model for the free domain industry," Boscovich continued.
Little was said about the remaining 22 John Does, except that the settlement would help Microsoft reveal their identities. Although Kelihos is technically dead, many computers remain infected with its malware. If you think your system is infected with Kelihos' malware, you'll find free information and tools here to get your machine clean. Microsoft also urges people to "exercise caution when surfing the Web, clicking ads or opening email attachments."
Image via photoinnovation/ShutterStock