Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Names Reputed Head of Kelihos Botnet

Posted by Unknown on from the framed-by-darpa-created-ai dept.

wiredmikey writes with an update on Microsoft's takedown of the Kelihos botnet. From the article: "Microsoft is not just taking down botnets; it is taking them down and naming names. In an amended complaint [PDF] filed Monday in U.S. District Court for the Eastern District of Virginia, Microsoft named a man from St. Petersburg, Russia, as the alleged head of the notorious Kelihos botnet. Naming names can be a risky business. Previously, Microsoft alleged Dominique Alexander Piatti, dotFREE Group SRO and several unnamed 'John Does' owned a domain cz.cc and used cz.cc to register other subdomains used to operate and control the Kelihos botnet. However, the company later absolved Piatti of responsibility when investigators found neither he nor his business was controlling the subdomains used to host Kelihos. Whether naming Sabelnikov – who, according to Krebs on Security, once worked as a senior system developer and project manager for Russian antivirus vendor Agnitum, will have the same effect as naming the Koobface gang remains to be seen. Though Kelihos has remained defunct since the takedown last year, the malware is still on thousands of computers."

30 comments

  1. KOMMIE AS EXPECTED !! by Anonymous Coward · · Score: 0

    Who else ??

    1. Re:KOMMIE AS EXPECTED !! by Anonymous Coward · · Score: 0

      While the failing US education system may say otherwise, as the references to East and West Germany in my high schools history books can attest, the Berlin Wall actually fell some time ago, and Russia/the former Soviet Union is no longer communist.

    2. Re:KOMMIE AS EXPECTED !! by lvxferre · · Score: 1

      The new trend is blaming China, not Russia/CCCP.

      --
      Nerdy news for your nerdy needs? http://www.soylentnews.org Soylent News is people!
  2. too simple by daniel23 · · Score: 1

    I won't buy it unless you can show me how the CIA (or another 3-letter organization) is secretly in bed with them ...

    --
    605413? Yes, it's a prime.
    1. Re:too simple by q.kontinuum · · Score: 1

      Inefficient list of three letter agencies, you probably forgot some.

              char t[5] ; memcpy( t, "AAA\n", 5);
              do { do { do {
                      printf( t );
              #define W(a) } while (t[a]++ 'Z'); t[a]='A';
              W(0) W(1) W(2)

      --
      Trolling is a art!
  3. So, wait. by willaien · · Score: 3, Interesting

    Sabelnikov – who, according to Krebs on Security, once worked as a senior system developer and project manager for Russian antivirus vendor Agnitum

    Does this lend credence to the conspiracy theory that antivirus vendors are, in some way, behind the very viruses they're supposed to remove?

    1. Re:So, wait. by DeathFromSomewhere · · Score: 4, Insightful

      Nope. There is no indication that this guy wrote the botnet as part of his job. A more likely explanation is that he used his employment to gather information about how to avoid antivirus software killing his botnet.

      --
      -1 overrated isn't the same thing as "I disagree".
    2. Re:So, wait. by gstoddart · · Score: 3, Insightful

      Does this lend credence to the conspiracy theory that antivirus vendors are, in some way, behind the very viruses they're supposed to remove?

      Or merely suggest that it's more lucrative to go to the dark side? One guy does not a conspiracy make.

      And, likewise, this can't disprove any such conspiracy either.

      --
      Lost at C:>. Found at C.
    3. Re:So, wait. by NWX · · Score: 0

      Both virus detection and virus creation need the same skill set. Gather information sounds just stupid, as hackers can read the disassembly anyway, and it's not exactly secret how antiviruses operate. It's just that both have the same skill-set and are interested in similar things.

    4. Re:So, wait. by willaien · · Score: 3, Insightful

      Nope. There is no indication that this guy wrote the botnet as part of his job. A more likely explanation is that he used his employment to gather information about how to avoid antivirus software killing his botnet.

      Senior Systems Developer is a pretty high up position. It's not CTO level, but... I'd say that joining just to get access to info at that level is a bit of a stretch. gstoddart's suggestion that he became the very monster he was fighting would have a bit more credence.

    5. Re:So, wait. by DeathFromSomewhere · · Score: 1

      Agreed.

      --
      -1 overrated isn't the same thing as "I disagree".
    6. Re:So, wait. by AngryDeuce · · Score: 1

      Does this lend credence to the conspiracy theory that antivirus vendors are, in some way, behind the very viruses they're supposed to remove?

      Behind them? In my experiences trying to fucking remove Norton Internet Security, I really wonder if it is one in itself...

    7. Re:So, wait. by Anonymous Coward · · Score: 0

      Its impossible to disprove any conspiracy theory.

    8. Re:So, wait. by gstoddart · · Score: 1

      Its impossible to disprove any conspiracy theory.

      That's just what they want you to believe. ;-)

      --
      Lost at C:>. Found at C.
    9. Re:So, wait. by Anonymous Coward · · Score: 0

      Oh for a "-1 Tired Meme" mod.

    10. Re:So, wait. by Anonymous Coward · · Score: 0

      Nice try, Antivirus company...

    11. Re:So, wait. by Gription · · Score: 1

      More to the point:
      Everyone has an interest in having a well funded retirement plan...

    12. Re:So, wait. by Anonymous Coward · · Score: 1

      I'm a senior systems developer and I was hired about 2 months ago. Titles don't mean much.

    13. Re:So, wait. by enrgeeman · · Score: 1

      Only the good ones...

      --
      sent from my slashdot browser.
    14. Re:So, wait. by Anonymous Coward · · Score: 0

      Considering the implied knowledge overlap of antivirus / virus programmers, this is expected in a percentage of the cases. It does not significantly confirm or refute the CT.

  4. There are two things I don't trust by WillAffleckUW · · Score: 1

    There are two things I don't trust.

    Q. What are they?

    A. Anti-virus coders

    Q. And?

    A. Carnies. They have small hands.

    --
    -- Tigger warning: This post may contain tiggers! --
  5. Kelihos was formely the IT department under KAOS by Anonymous Coward · · Score: 0

    Until now, Sabelnikov's role has not been public, however, it was previously acknowledged under the Cone of Silence.

    (KAOS, a Delaware corporation).

  6. Due process by Beeftopia · · Score: 2

    I've got no problems with corporations naming names and trying to uncover crimes. I just want to make sure any assertions of violation they make go through the due process of the US legal system. With this, or with copyright infringement or anything else. Plus, it's nice when they haven't corrupted the system by buying politicians who then make laws that dramatically favor them.

  7. WTF? Absolved of crime by Microsoft? by rohan972 · · Score: 3, Interesting

    However, the company later absolved Piatti of responsibility when investigators found ...

    I hope that if I get accused of any crimes that Microsoft absolves me. After they complete their investigation, of course.

    Holy shit.

    --
    http://marriedmansexlife.com/
    1. Re:WTF? Absolved of crime by Microsoft? by Gadget_Guy · · Score: 1

      I hope that if I get accused of any crimes that Microsoft absolves me.

      As in this case, they will only absolve you of crimes of which they themselves have accused you. This accusation never had any legal backing other than the lawsuit brought about by Microsoft, so it is not as if the company was preempting an official investigation.

      So don't go breaking in to your neighbor's house and hope that Microsoft will absolve you of your crime. You will need to become a priest if you are looking for an organisation to shield you from the legal system.

    2. Re:WTF? Absolved of crime by Microsoft? by rohan972 · · Score: 1

      This accusation never had any legal backing other than the lawsuit brought about by Microsoft, so it is not as if the company was preempting an official investigation.

      You're underestimating their power. Nobody has ever been released from a Microsoft prison camp!

      --
      http://marriedmansexlife.com/