Microsoft's Kelihos botnet suspect says he's innocent

St. Petersburg, Russia-based Andrey N. Sabelnikov says he is "absolutely not guilty" of participating in the creation of the huge spam network that Microsoft shut down last September.

Edward Moyer

The man pegged by Microsoft as the mastermind behind the Kelihos botnet says he's not guilty, according to a report.

The BBC said today that Andrey N. Sabelnikov, a former employee of antivirus company Agnitum, had contacted the news agency to say that he was "surprised and shocked" by Microsoft's claim and would "prove his innocence." The BBC also quoted a blog post by Sabelnikov that said he was "absolutely not guilty":

I was very surprised and shocked to read in the press that I was being accused of a grievous crime in connection with the Kelihos botnet.
I am absolutely not guilty, have never been involved in handling botnets or any other similar programs, and what is more have never made any profit from such activity. I want to highlight that I have no connection either to the activity of Kelihos or to the distribution of spam.
Unfortunately, the avalanche of publications in the press, referencing inaccurate and distorted information, has inadvertently inflicted a great deal of psychological damage on the companies for whom I have worked or am working, and also adversely affected their business reputation.

In an amended complaint filed yesterday with the U.S. District Court for the Eastern District of Virginia, the software giant accused Sabelnikov, a resident of St. Petersburg, Russia, of writing the code for, and participating in the creation of, the Kelihos malware. The complaint further alleges that Sabelnikov used the malware to control and nurture the Kelihos botnet.

Kelihos comprised about 41,000 infected computers worldwide and was capable of sending 3.8 billion spam e-mails per day before Microsoft put a stop to it last September, according to the company.

Microsoft's lawsuit, originally filed in September, accused Czech resident Dominique Alexander Piatti, Dotfree Group SRO, and John Does 1-22 of using malware to infect victims' computers to send unregulated pharmaceutical and other spam, harvest e-mails and passwords, conduct fraudulent stock scams and, in some cases, promote sites dealing with sexual exploitation of children.

Microsoft settled with Piatti and his company, who agreed to delete or transfer to Microsoft all the subdomains that were used to operate the botnet or for other illegitimate purposes. Microsoft credited Piatti's cooperation in the case as leading to Sabelnikov and evidence against him.

The company told the BBC that it stands by its charge against Sabelnikov:

"As this is a case pending in court, we cannot comment further except to say that we look forward to seeing Mr. Sabelnikov in court so we can continue this discussion," the news agency quoted a senior attorney for Microsoft's Digital Crime Unit, Richard Boscovich, as saying.

CNET's Steven Musil contributed to this report.