Microsoft Announces That The Kelihos Botnet Was Operated By An Employee Of An Antivirus Company


Ever since Bill Gates left the company, it seems like Microsoft has been trying very hard not to look like a bad company. The trend was started by the company’s founder, who decided to use his enormous fortune to cure polio and provide other vaccines to people living in Africa. On the other hand, the company is currently on a virus rampage, having “killed” a couple of spam firms as well as several botnets. Last year, Microsoft destroyed a botnet called Kelihos, and it decided to look deeper to find out who created it.

According to Microsoft, Kelihos was created by Andrey N. Sabelnikov. The Russian national is believed to have written Kelihos and to be the one who made it so powerful. The botnet was used to send billions of spam emails as well as to steal personal information. In addition, the Redmond-based company accuses Sabelnikov of using Kelihos to organize several scams.

The problem in this case is not that simple because Microsoft has presented strong evidence that Sabelnikov was working as a software engineer for a company that developed antivirus software. The firm hasn’t been mentioned but it seems like Andrey was also a project manager and was actively involved in creating firewalls, security programs, and other antivirus software.

Although Microsoft and Kaspersky have shut down the Kelihos botnet, there are thousands of computers still infected by this malware. One of the botnet’s advantages was that there are still enough people who fall into the trap of rogue antivirus programs. Kelihos posed as an antivirus that claimed to have found malware on the victim’s computer, using that pretext to find a way into the PC.

The case against Sabelnikov is pretty serious considering the fact that he knew how to fool real antivirus programs because he was working inside a company which created such software.

Microsoft announced that Sabelnikov’s name was revealed by Dominique Alexander Piatti and dotFREE Group, both defendants who were charged in October in the same case. The company struck a deal with the two parties who revealed that Andrey was the man behind the Kelihos botnet.

Andrey Sabelnikov currently operates as a freelancer at a consulting firm, and his computer programming degree comes from St. Petersburg’s State University of Aerospace Instrument Engineering.

In this case, Dominique Alexander Piatti and dotFREE Group were the owners of the domains that Andrey was using to operate Kelihos. The terms of the settlement between Microsoft and these two parties are unknown, and it remains to be seen whether Sabelnikov will find a way to get the forgiveness of the Windows maker.

SOURCE TechNet


2 Responses

  • Avatoin January 24, 2012 at 19:36

    The problem isn’t that he could find flaws in the software because he was working there. Flaws are usually found without having access to any source-code at all. Heck, open-source software is just as secure, if not more, and everyone has access to it.

    The problem is that he was in a position to introduce back doors into the code that he could exploit, while maintaining largely secure software. On top of that, if there are any hidden flaws the company knew about but wanted to keep hidden, he would be in a position to exploit them.
