Microsoft Reaches Settlement with Piatti, dotFREE Group in Kelihos Case
Last month, we wrote about how Microsoft and our partners, Kyrus and Kaspersky, took down the Kelihos botnet and that, for the first time, Microsoft took the step of naming specific defendants in a civil case involving a botnet. In the legal case supporting the Kelihos takedown, Microsoft sued defendants Dominique Alexander Piatti, dotFree Group S.R.O. and John Does 1 through 22 in connection with the IP addresses and Internet domains alleged to be involved in the command and control structure for the Kelihos botnet.
Today, I’m pleased to announce that Microsoft has reached a settlement with defendants Dominique Alexander Piatti and his company, dotFREE Group SRO, and will be dismissing the lawsuit against them pursuant to the agreement. However, the case against the remaining John Does stays open, as Microsoft continues its investigation to identify those responsible for the Kelihos botnet.
Since the Kelihos takedown, we have been in talks with Mr. Piatti and dotFREE Group s.r.o. and, after reviewing the evidence voluntarily provided by Mr. Piatti, we believe that neither he nor his business were involved in controlling the subdomains used to host the Kelihos botnet. Rather, the controllers of the Kelihos botnet leveraged the subdomain services offered by Mr. Piatti’s cz.cc domain.
As part of the settlement, Mr. Piatti has agreed to delete or transfer to Microsoft all the subdomains used either to operate the Kelihos botnet or for other deceptive purposes. Additionally, Mr. Piatti and dotFREE Group have agreed to work with us to create and implement best practices to prevent abuse of free subdomains and, ultimately, to apply these same best practices to establish a secure free Top Level Domain as they expand their business going forward. Mr. Piatti and dotFree Group will continue to work with Microsoft to become a role model for the free domain industry, establishing industry best practices in the subdomain space.
We’re very pleased by the outcome for several reasons. First, this settlement allows us to move forward with the investigation to uncover the other people behind the botnet, listed in the court papers as John Does 1-22. Second, by gaining control of the subdomains, we are afforded an inside look at the Kelihos botnet, giving us the opportunity to learn which unique IP addresses are infected with the botnet’s malware.
If anyone believes their computer might be infected with Kelihos malware, please visit http://support.microsoft.com for free information and tools to help get rid of this and other malware. People should also exercise caution when surfing the Web, clicking on ads or opening e-mail attachments that might prove to be malicious. More information about staying safe online can be found at http://www.microsoft.com/protect and on the DCU Newsroom.
This case and this operation are ongoing, and we will continue to share new information as we move forward. To follow this and Microsoft’s ongoing work to fight digital crime, follow the Digital Crimes Unit on Facebook and Twitter.
Posted by Richard Domingues Boscovich
Senior Attorney, Microsoft Digital Crimes Unit