Microsoft settles with second Kelihos botnet suspect

Microsoft has settled a lawsuit with a Russian software programming who admits he wrote the code used for malware that infected 41,000 computers worldwide, according to today's blog post from Richard Domingues Boscovich, an assistant general council for Microsoft.

The case centered around the Kelihos botnet, a series of infected computers that Microsoft said was able to send 3.8 billion spam e-mails per day before the company stopped it last September. While programmer Andrey N. Sabelnikov admits to writing the code, he was not the operator of the botnet and was not involved in those activities, according to a joint statement issued by both parties:

"During the negotiations, after reviewing the evidence provided by Microsoft and engaging in discussions, the parties have come to an understanding that Mr. Sabelnikov wrote code that was used in the Kelihos botnet code, but the programmer is not the operator of the botnet or involved in its activities," the statement reads. "After a review and understanding of all of the details of the case, the parties were able to enter into a confidential settlement agreement in this matter, which resolves the dispute between the parties."

Microsoft amended a lawsuit in January, alleging that Sabelnikov wrote the code for and participated in the creation of the Kelihos malware. Sabelnikov denied the charges soon afterward.

The company originally filed suit against Czech resident Dominique Alexander Piatti, Dotfree Group SRO, and 22 John Does of using malware to infect victims' computers to send unregulated pharmaceutical and other spam, harvest e-mails and passwords, conduct fraudulent stock scams and, in some cases, promote sites dealing with sexual exploitation of children.

Microsoft settled with Piatti and his company, who agreed to delete or transfer to Microsoft all the subdomains that were used to operate the botnet or for other illegitimate purposes.