Microsoft settles suit against alleged botnet hoster

Microsoft said today that a Czech Republic-based provider of free domains has agreed to pull the plug on botnet activities using his subdomains, as part of a settlement of a lawsuit the software giant filed in September to shut down the Kelihos botnet.

The suit, filed in federal court in Virginia, named Dominique Alexander Piatti and his domain company, Dotfree Group SRO, as defendants, alleging that they were involved in hosting the Kelihos botnet. Infected computers in that operation, also known as "Waledac 2.0" after a previous botnet that Microsoft shut down last year, were used to send unregulated pharmaceutical and other spam, to harvest e-mails and passwords, to conduct fraudulent stock scams and, in some cases, to promote sites dealing with sexual exploitation of children. Subdomains also were allegedly used to spread the MacDefender scareware.

"Since the Kelihos takedown, we have been in talks with Mr. Piatti and dotFREE Group s.r.o. and, after reviewing the evidence voluntarily provided by Mr. Piatti, we believe that neither he nor his business were involved in controlling the subdomains used to host the Kelihos botnet. Rather, the controllers of the Kelihos botnet leveraged the subdomain services offered by Mr. Piatti's cz.cc domain," Richard Domingues Boscovich, senior attorney for Microsoft's Digital Crimes Unit, wrote in a blog post.