Microsoft alleges role of anti-virus firm employee behind Kelihos disaster

Microsoft has alleged that a former computer security employee had sent out about 3.8bn spam emails a day, which caused the Kelihos botnet in 2008.

However, Andrey Sabelnikov is said to have worked at Agnitum, a Russian anti-virus firm between 2005 and 2008, without any suspicion of his involvement in the botnet episode.

Kelihos is a network of about 41,000 compromised computers held by bot ‘herders’ or ‘masters’.

In an amended complaint with a US District Court, Andrey Sabelnikov has been named as the new defendant.

As a part of MARS (Microsoft Active Response for Security), the company disabled the botnet in September, and around that time, it named defendants behind the "cz.cc" domains for infitrating computers.

Sabelnikov is alleged to have purchased 3,723 of the sub-domains.

Microsoft says the case is far from over, though the botnet has gone inactive.

The software associated with the control of Kelihos identifies Sabelnikov as culprit.

Sabelnikov is said to be currently employed as a freelancer.

Sign up for our regular news round-up!

Give your business an edge with our leading Tech Monitor

Sign up