Microsoft drops claim against alleged Kelihos conspirators

Seizes Kelihos subdomains as part of settlement.

Microsoft has dropped a civil suit against a suspect it alleged was backing the Kelihos botnet, which it moved to take down last month.

Microsoft dropped a claim against Czech resident Dominique Piatti and his company dotFree Group SRO after reaching a settlement and reviewing evidence that showed he was not backing the botnet.

“We believe that neither he nor his business were involved in controlling the subdomains used to host the Kelihos botnet. Rather, the controllers of the Kelihos botnet leveraged the subdomain services offered by Mr. Piatti’s cz.cc domain,” said Richard Domingues Boscovich, senior attorney at Microsoft’s Digital Crimes Unit, on Wednesday.

In September, Microsoft claimed its case against Piatti was a “significant advance” in its war on botnets since it was the first of its three takedowns in which a defendant had been named.

The 22 John Does it also accused of operating the domain cz.cc to register other subdomains used to control Kelihos remain unidentified, and Microsoft’s case against them remains open.

Microsoft’s settlement with Piatti included his company deleting or handing to Microsoft subdomains that supported criminal activities or the Kelihos botnet.

“By gaining control of the subdomains, we are afforded an inside look at the Kelihos botnet, giving us the opportunity to learn which unique IP addresses are infected with the botnet’s malware,” said Boscovich.

Piatti also agreed to become a “role model” for the domain industry by working with Microsoft to establish a secure free Top Level Domain as a showcase for “industry best practices”.
