Accused Kelihos malware mastermind protests his innocence

Accused Kelihos botmaster protests his innocence

Andrey Sabelnikov's LinkedIn photographAndrey Sabelnikov, who Microsoft accused last week of being the mastermind behind the Kelihos botnet, has protested his innocence.

The 31-year-old programmer from St Petersburg became the subject of headlines around the world after Microsoft told US courts that they believed he created the Kelihos malware, and alleged that he “used the malware to control, operate, maintain and grow the Kelihos botnet”.

According to Microsoft, up to 4 billion spam emails were sent every day by computers infected by the malware and commandeered into the Kelihos botnet.

What particularly raised eyebrows is Sabelnikov’s background – which includes a stint working as a senior developer and product manager at Agnitum, a Russian firm well-known for its firewall and other security software.

There is no suggestion that Agnitum are connected with the allegations, or that their security software – which includes anti-virus products – are compromised in any way.

Sabelnikov, however, hasn’t taken the accusations lying down. Instead, he’s turned to his LiveJournal account where he posted a statement:

Statement by Sabelnikov

Part of Sabelnikov’s statement reads (after translation by Google):

I did not commit this crime, have never participated in the management of botnets and any other similar programs, and especially not extracted from it any benefit.

Sabelnikov’s blog entry also explains that news of the charges leveled by Microsoft broke while he was on a business trip to the United States. However, he decided to cut short his trip to return home to Russia.

What remains unclear is what will happen next in this case. Russian law forbids the extradition of its citizens to face trial in foreign countries, so it seems it will be Sabelnikov’s decision whether he chooses to argue his innocence in a US court of law.