Microsoft has dismissed a lawsuit against a company it contended a month ago was at the heart of the now-defunct Kelihos botnet.
In September, Microsoft named Dominique Piatti and his company dotFree Group SRO as controllers of the botnet. The move marked the first time Microsoft had named a defendant in one of its botnet-related civil suits.
“Since the Kelihos takedown, we have been in talks with Mr. Piatti and dotFREE Group s.r.o. and, after reviewing the evidence voluntarily provided by Mr. Piatti, we believe that neither he nor his business were involved in controlling the subdomains used to host the Kelihos botnet,” blogged Richard Domingues Boscovich, Senior Attorney for Microsoft’s Digital Crimes Unit. “Rather, the controllers of the Kelihos botnet leveraged the subdomain services offered by Mr. Piatti’s cz.cc domain.”
As part of the settlement, Piatti agreed either to delete all the subdomains used to operate the Kelihos botnet or for other illegitimate purposes, or to transfer those subdomains to Microsoft. In addition, Piatti and dotFree Group will work with Microsoft to implement best practices to prevent abuse of free subdomains and use these best practices to establish a secure free Top Level Domain as they expand their business going forward.
Kelihos is just the latest botnet Microsoft has sought to take down through litigation. In 2010, the company targeted Waledac. Prior to the takedown, Microsoft estimated that Waledac infected hundreds of thousands of PCs, and had the ability to blast out more than 1.5 billion spam email messages per day. Between Dec. 3, 2009, and Dec. 21, 2009, the botnet was responsible for roughly 651 million spam messages hitting Hotmail accounts alone, according to the company.
With regard to Kelihos, Boscovich said Microsoft is continuing its legal fight against the 22 “John Does” listed as co-defendants in the lawsuit. The settlement, he noted, allows Microsoft to move forward with its investigation to uncover the other defendants and gives the company the opportunity to learn which unique IP addresses are infected with the botnet’s malware.
“As a provider of free service we were always concerned by the potential for abuse, and learned (sometimes the hard way) that security should never be underestimated,” dotFree said in a statement posted online. “No one wants to be handed a thick binder by a stranger at your nearby coffee shop saying “Microsoft is suing you”! Moving forward, we are pleased that Microsoft will continue working with dotFree and help us develop best practices for free domains and our .free Top Level Domain.”
