Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Microsoft Dismisses Lawsuit Against Firm in Kelihos Botnet Case

Microsoft has dismissed a lawsuit against a company it contended a month ago was at the heart of the now-defunct Kelihos botnet.

In September, Microsoft named Dominique Piatti and his company dotFree Group SRO as controllers of the botnet. The move marked the first time Microsoft had named a defendant in one of its botnet-related civil suits.

Microsoft has dismissed a lawsuit against a company it contended a month ago was at the heart of the now-defunct Kelihos botnet.

In September, Microsoft named Dominique Piatti and his company dotFree Group SRO as controllers of the botnet. The move marked the first time Microsoft had named a defendant in one of its botnet-related civil suits.

“Since the Kelihos takedown, we have been in talks with Mr. Piatti and dotFREE Group s.r.o. and, after reviewing the evidence voluntarily provided by Mr. Piatti, we believe that neither he nor his business were involved in controlling the subdomains used to host the Kelihos botnet,” blogged Richard Domingues Boscovich, Senior Attorney for Microsoft’s Digital Crimes Unit. “Rather, the controllers of the Kelihos botnet leveraged the subdomain services offered by Mr. Piatti’s cz.cc domain.”

As part of the settlement, Piatti agreed to delete all the subdomains used to either operate the Kelihos botnet or for other illegitimate purposes or to transfer those subdomains to Microsoft. In addition, Piatti and dotFree Group will work with Microsoft to implement best practices to prevent abuse of free subdomains and use these best practices to establish a secure free Top Level Domain as they expand their business going forward.

Kelihos is just the latest botnet Microsoft has sought to take down through litigation. In 2010, the company targeted Waledac. Prior to the takedown, Microsoft estimated that Waledac infected hundreds of thousands of PCs, and had the ability to blast out more than 1.5 billion spam email messages per day. Between Dec. 3, 2009, and Dec. 21, 2009, the botnet was responsible for roughly 651 million spam messages hitting Hotmail accounts alone, according to the company.

In regards to Kelihos, Boscovich said Microsoft is continuing its legal fight against the 22 “John Does” listed as co-defendants in the lawsuit. The settlement, he noted, allows Microsoft to move forward with its investigation to uncover the other defendants and gives the company the opportunity to learn what unique IP addresses are infected with the botnet’s malware.

“As a provider of free service we were always concerned by the potential for abuse, and learned (sometimes the hard way) that security should never be underestimated,” dotFree said in a statement posted online. “No one wants to be handed a thick binder by a stranger at your nearby coffee shop saying “Microsoft is suing you”! Moving forward, we are pleased that Microsoft will continue working with dotFree and help us develop best practices for free domains and our .free Top Level Domain.”

Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

Xage Security has appointed Russell McGuire as CRO and Ashraf Daqqa as VP of the META region.

Solana co-founder Stephen Akridge has been appointed the CEO of data protection firm Cyber Grant.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.