Microsoft has named a 31-year-old Russian, who used to work at a firm producing anti-virus and firewall software, believing him to be responsible for attacks perpetrated by the Kelihos botnet. Microsoft released this information in a blog post, saying: "Since taking down the Kelihos botnet with our partners Kyrus Inc. and Kaspersky Labs in September, the Microsoft Digital Crimes Unit has continued to actively investigate the case and pursue new leads with the goal of holding the perpetrators behind the botnet accountable for their actions."
In an amended complaint filed today with the U.S. District Court for the Eastern District of Virginia, Microsoft alleges that Andrey N. Sabelnikov, a citizen of Russia, is responsible for the operations of the Kelihos botnet.
Mr. Sabelnikov is not the first to be named as a defendant in this case, which has already served as the legal foundation for the successful disruption of a global botnet harming thousands of victims worldwide. In the original complaint filed in September, Microsoft alleged that Dominique Alexander Piatti, dotFREE Group SRO and John Does 1-22 owned a domain cz.cc and used cz.cc to register other subdomains such as lewgdooi.cz.cc used to operate and control the Kelihos botnet.
According to his public LinkedIn profile, Mr. Sabelnikov was a senior developer and product manager at Agnitum, a Russian security firm well known for its firewall software, from 2005 to 2007.
There is no suggestion that Agnitum is connected with the allegations, or that its security software – which includes anti-virus products – is compromised in any way.
Although the Kelihos botnet has remained inactive since the successful takedown in September, thousands of computers are still infected with its malware. Please visit support.microsoft.com/botnets for free information and tools to clean your computer from malicious software, and visit http://www.microsoft.com/security for more information on online safety and security.
This case is certainly not over. Look for more updates as the Kelihos investigation and Microsoft’s overall fight to disrupt botnets continue. You can also follow the Microsoft Digital Crimes Unit on Facebook and Twitter.
UPDATE 1.31.2012 – BBC News has been contacted by Russian suspect Andrey Sabelnikov, who has denied the accusations and said, “I will prove my innocence.”
Microsoft, when contacted, stood by the earlier accusation that Mr. Sabelnikov was behind the massive botnet.