Microsoft Identifies Botnet Suspect as Former Employee!
This entry was posted on Tuesday, January 24, 2012.
The former employee of Microsoft is Andrey Sabelnikov, who is of Russian origin. Microsoft has accused him of 'writing and/or participating in creating' malicious software that infected a large number of computers. The botnet, called Kelihos, infected machines and then used them to send out spam and spread more malware. The botnet was countered in September 2011.
The botnet could still be infecting thousands of computers, Microsoft's lead attorney warned in a blog post. The matter has been taken up with the US District Court for the Eastern Virginia District. Mr. Richard Domingues Boscovich, Senior Attorney at the Microsoft Digital Crimes Unit, wrote, "Microsoft presented evidence to the court that Mr Sabelnikov wrote the code for and either created, or participated in creating, the Kelihos malware. Further, the complaint alleges that he used the malware to control, operate, maintain and grow the Kelihos botnet. These allegations are based on evidence Microsoft investigators uncovered while analysing the Kelihos malware."
Mr. Boscovich has advised users whose machines might have been infected by the botnet to seek help through Microsoft's website. The details Microsoft has provided about Mr. Sabelnikov suggest that he worked as a software engineer and project manager with 'a company that provided firewall, antivirus and security software'. The name of that company, as seen in Mr. Sabelnikov's LinkedIn profile, is the security firm Agnitum, which is based in St. Petersburg. Official confirmation came from the sales and marketing director at Agnitum, Vitaliy Yanko, who informed the BBC, "I have checked the info and may confirm that Andrey Sabelnikov worked at Agnitum from 2005 till 2008. Afterwards our ways parted. Seems that he chose the wrong route afterwards."