Kelihos botnet operator was technical expert at Antivirus company

Yesterday Microsoft reported about surprising findings in one of Russian antivirus firms – according to the announcement, one of its former technical experts, Andrey N. Sabelnikov, was found to be included in a coordination of the global spam machine called the Kelihos botnet. Thanks to Microsoft, this Botnet was taken down one year ago.

According to Microsoft Blog, a 31-year-old man from St. Petersburg, Russia, was found to be responsible for the botnet’s operations and also worked at a company selling firewall, antivirus and security software. Though it is not specified where exactly Sabelnikov worked, it is known that he was a software engineer and project manager. However, after a little research on the Web it seems that he?  worked for Agnitum, which is known for its free firewall program called Outpost, and then for Teknavo working with financial sector software.

The fact that Sabelnikov is connected to the Kelihos malware was discovered after obtaining a copy of the source code to Kelihos. It was simply noticed that the source contained debug code that downloaded a Kelihos malware installer from the domain sabelnikov.net which is registered to Sabelnikov’s name. In addition, this website redirects to Sabelnikov’s profile page at one of Russian social networking site’s known as Vkontakte.ru.

Source: krebsonsecurity.com


Files
Software
Compare
Like us on Facebook