Microsoft Drops Lawsuit Against Kelihos Botnet Case Named Defendants

Microsoft will be dismissing the lawsuit against Dominique Alexander Piatti and dotFREE Group SRO, the named defendants in the case of the Kelihos botnet takedown, after a settlement was reached.

Richard Domingues Boscovich, Senior Attorney, Microsoft Digital Crimes Unit, stressed that the software giant will continue to pursue legal action against the remaining John Does, which it considers to be responsible for operating the Kelihos botnet.

Kelihos, considered the successor of Waledac and appropriately dubbed Waledac 2.0, was taken down at the end of September 2011 by Microsoft, Kyrus and Kaspersky.

The legal strategy accompanying the killing of Kelihos marked a first for the Redmond company, since, Microsoft sued Dominique Alexander Piatti and his company dotFree Group S.R.O., in addition to the usual list of unknown defendants, referred to as John Does.

“Since the Kelihos takedown, we have been in talks with Mr. Piatti and dotFREE Group s.r.o. and, after reviewing the evidence voluntarily provided by Mr. Piatti, we believe that neither he nor his business were involved in controlling the subdomains used to host the Kelihos botnet,” Boscovich stated.

“Rather, the controllers of the Kelihos botnet leveraged the subdomain services offered by Mr. Piatti’s cz.cc domain.”

Boscovich stressed that it will continue to pursue legal action against all 22 of the John Does which are associated with IP addresses and Internet domains allegedly connected with the Kelihos botnet.

In this regard, Boscovich noted that the settlement is a step forward in bringing the cybercriminals operating Waledac 2.0 to justice. In addition to getting the chance to identify those responsible for Kelihos, the Redmond company also managed to gain insight into the botnet and how it operated.

“As part of the settlement, Mr. Piatti has agreed to delete or transfer all the subdomains used to either operate the Kelihos botnet, or used for other illegitimate purposes, to Microsoft. Additionally, Mr. Piatti and dotFREE Group have agreed to work with us to create and implement best practices to prevent abuse of free subdomains and, ultimately, apply these same best practices to establish a secure free Top Level Domain as they expand their business going forward,” Boscovich explained.

“Mr. Piatti and dotFree Group will continue to work with Microsoft to become a role model for the free domain industry, establishing industry best practices in the subdomain space.”