Microsoft Drops Suit Against Firm In Botnet Case

wiredmikey writes "Microsoft has dismissed a lawsuit against a company it contended a month ago was at the heart of the now-defunct Kelihos botnet. In September, Microsoft named Dominique Piatti and his company dotFree Group SRO as controllers of the botnet. The move marked the first time Microsoft had named a defendant in one of its botnet-related civil suits. 'Since the Kelihos takedown, we have been in talks with Mr. Piatti and dotFree Group s.r.o. and, after reviewing the evidence voluntarily provided by Mr. Piatti, we believe that neither he nor his business were involved in controlling the subdomains used to host the Kelihos botnet,' blogged Richard Domingues Boscovich, Senior Attorney for Microsoft's Digital Crimes Unit. 'Rather, the controllers of the Kelihos botnet leveraged the subdomain services offered by Mr. Piatti's cz.cc domain.' In regards to Kelihos, Boscovich said Microsoft is continuing its legal fight against the 22 'John Does' listed as co-defendants in the lawsuit."

Defamation, anybody?

[Anonymous Coward]

That's a serious accusation to make, especially when lacking in adequate evidence to support such a claim.

FTA: As part of the settlement, Piatti agreed to delete all the subdomains used to either operate the Kelihos botnet or for other illegitimate purposes or to transfer those subdomains to Microsoft. In addition, Piatti and dotFree Group will work with Microsoft to implement best practices to prevent abuse of free subdomains and use these best practices to establish a secure free Top Level Domain as they expand their business going forward.

What exactly does Piatti get in exchange for the damage to his company's reputation?

Re:

[khallow]

There are two things to note here. It looks similar to plea bargains in criminal court cases where the defendant pleads to a lesser offense in exchange for cooperation on other targets of investigation. Second, we don't actually know that Piatti was innocent of these charges. The mere fact that they're acquiescing so readily tells me that they probably were looking at serious charges, even if the original ones were pure slander (and those may well have not been!).

Re:

[realityimpaired]

Or maybe that they were acting in good faith and were unwittingly helping the botnet people do their nefarious work, and that now that they have egg on their face, they welcome the chance to have help establishing procedures that would prevent it from happening again?

Never ascribe to malice that which can adequately be explained by incompetence.

Re:

[khallow]

Never ascribe to malice that which can adequately be explained by incompetence.

And never ascribe to incompetence that which can be explained by self-interest.

Re:Defamation, anybody?

[Runaway1956]

What does Piatti get? He gets a bot-free business. Damage to his company's reputation? That's HIS problem, seeing that he carelessly allowed his domains to be used for bot-netting. He caused the damage himself, by way of neglect.

I don't even like Microsoft, and I resent the fact that you have forced me to defend Microsoft. FFS, AC, have you no sense at all? If the White House were to come under cybernetic attack, and the majority of those attacks appeared to originate from my house, you bet your ASS that the Secret Service will be knocking on my door, with a battering ram! They will confiscate every electronic device I own, they will confiscate my ass, and they will publicize my arrest around the world.

In which case, I will be solely responsible for the "damage" to my reputation, for having failed to secure my computers.

Re:

[bill_mcgonigle]

In which case, I will be solely responsible for the "damage" to my reputation, for having failed to secure my computers.

No, you'd be solely to blame for the failure to secure your computers, but you wouldn't be responsible for the attack which is the action of an unassociated third party - you'd not be guilty of aiding them or being part of a conspiracy. http://en.wikipedia.org/wiki/Mens_rea [wikipedia.org] Perhaps people would do a better job at security if this was different, but that has large risks as well.

The more tr

Re:

[bill_mcgonigle]

You really think that a cyber attack on the White House is going to be prosecuted in civil court?

I'm not arguing that it shouldn't be, but I'm certain it won't be.

Re:

[adolf]

Meh. A lot of things respond poorly to various patterns.

Walking into a bank with a hand in your pocket and a demand for money elicits a poor response.

Escalating a disagreement with another person to the extent of dismemberment elicits a "poor response," and the jury won't care who was "right."

And sending a certain pattern of signalling to the White House's computers will also elicit a poor response, just as setting the pins on a lock (which does not belong to you) in a certain orientation may bring about a

Re:

[peppepz]

This is not the way things work in a state of rights. In particular, you usually can't get arrested for things you haven't done.

In some countries, unjustly accusing people of having committed a crime is itself a crime.

Re:

[ozmanjusri]

you bet your ASS that the Secret Service will be knocking on my door, with a battering ram!

Doesn't it worry you that you're endowing a private (and frequently predatory) company with government responsibilities and powers?

The US Secret Service has a mandate to protect your nation's leaders, visiting world leaders, national special security events, and the integrity of the nation's currency. Microsoft has a mandate solely to take money from you, yet you're giving them virtual search and seizure powers.

Re:

[Runaway1956]

Actually, no. I haven't researched just how they identified the botnet. It's possible that they exceeded any reasonable authority to do so. But, once the botnet was identified, it seems that they went to court, seeking reparations, and to shut the net down. That much seems reasonable. I would do as much. Search and seizure? It would seem that the court did that, after being presented with some reasonable evidence.

As I already said, I don't even like Microsoft. But, I can't go for mindlessly bashing

Re:

[Xest]

"If the White House were to come under cybernetic attack, and the majority of those attacks appeared to originate from my house, you bet your ASS that the Secret Service will be knocking on my door, with a battering ram!"

Cybernetic attack?

If it was a cybernetic attack then I think the secret service would have more to worry about than you as I suspect it would look more like Rise of the Machines than it would Hackers.

Yes this is just a typical Slashdot pedant post, I just couldn't help but point out that cy

Usual Slashdot response

[SharkLaser]

The usual Slashdot response is to put a bullet into botnet owners heads or nuke them from orbit, no questions asked. Well, in this case there would be an innocent man dead. It just shows it isn't always so easy to find them.

Re:

[Anonymous Coward]

According to the Source Code of Hammurabi both parties should be killed, just to be sure.

Re:

[shutdown -p now]

Isn't that the part where you throw both parties in the river, and the one that doesn't drown is guilty?

now-defunct Kelihos bonnet

[Anonymous Coward]

Damn that evil headwear!

Re:

[Nidi62]

There's a bee in my bonnet!

There needs to be another t in your bonnet, too

Operating Systems

[jimpop]

I wonder what OSes Mr. Piatti uses. I wonder they will be the same ones next year.

What are you implying?

[Anonymous Coward]

So what exactly are you implying here? Say it flat out. Don't pussyfoot around it. Instead of making indirect accusations, man up and actually say exactly what we all know you're trying to say.

Re:

[kermidge]

Man up? Might be a more credible exhortation if not posted AC, no?

Re:

[bill_mcgonigle]

Man up? Might be a more credible exhortation if not posted AC, no?

OK, 'kermidge' (don't get me wrong, I find an AC slapfight as funny as anybody else).

Re:

[kermidge]

Hi, Bill. Thanks; sorry 'bout the snark, was only into second cuppa, and couldn't resist.

I've been using "kermidge" for a decade, there's only one other on the 'net that I've found (and I'm not sure about him), but there are thousands with my "real" name.

Re:

[Bungie]

No, Microsoft really doesn't give a sh*t about which OS is used to host a bunch of DNS servers, and they don't give away Window Server licenses to any company because that's their biggest money maker: selling their server products to corporations.

MS could care less about home users pirating a $130 copy of Windows 7. The real money is in selling $1000+ server licenses to companies for many servers, as well as having to buy things like seat licenses and other expensive server products (like SharePoint). Plus

Re:

[Runaway1956]

http://www.google.com/search?cx=w&sourceid=chrome&client=ubuntu&channel=cs&ie=UTF-8&q=microsoft+donate+Windows [google.com]

Of those hits, this one seems to be more to the point than the rest I've looked at:
http://www.encludeit.org/node/2494 [encludeit.org]

There is nothing that "MS could care less about" when it comes to computing. MS has engaged in one of the biggest social engineering experiments in history. They are actively engaged in conditioning children worldwide, to use Microsoft products.

So, yes, they woul

"the now-defunct Kelihos bonnet"?

[Anonymous Coward]

Surely that should be botnet, not bonnet. Turn off autocorrect.

Re:

[Mathness]

Nah, it is part of car analogies often used on /. :D

Re:

[Smallpond]

They slammed the door on this lawsuit. It crashed and burned.

Microsoft is the judge now?

[Anonymous Coward]

"Microsoft has dismissed a lawsuit

I had no idea Microsoft was that powerful - isn't it normally judges who dismiss lawsuits?

Re:

[Lexx Greatrex]

The author should have written "settled" instead of "dismissed". All around this is a badly summarized article verging on "Troll" status. Surprised it got through? Nope.

No apology then

[folderol]

We falsely accused you, maybe made a sizable dent in you business, but that's OK. We're Microsoft and beyond all possible reproach.

Re:

[Anonymous Coward]

I'ts not a false accusation. The standards for malicious prosecution are actually quite high, and would require evidence of either severe incompetence or willful and reckless disregard for the truth.

However, since the botnet was controlled through their hosting services, it'll be a case of an acceptable interpretation of the information they had, and not punished.

Microsoft's apology probably goes something like this "Hey, sorry you weren't actually doing it yourselves, but just foolishly sold your service

Re:

[AftanGustur]

I'ts not a false accusation. The standards for malicious prosecution are actually quite high, and would require evidence of either severe incompetence or willful and reckless disregard for the truth.

However, since the botnet was controlled through their hosting services, it'll be a case of an acceptable interpretation of the information they had, and not punished.

If microsoft woudl just have looked at the "information they had" they would have figured out in 10 minutes that

A) the IP addresses of the bothet controllers did not belong to the company dotFree Group SRO and
B) The subdomain cz.cc used by the botnet controllers, is a free DNS service that anyone can use.

If you turned the table and accused Microsoft of something similar based on the same "evidence", you can be sure that Microsoft would sue you out of existence.

Open court

[AHuxley]

Would have seen much code and skills on display as a set of older OS's and a few new ones where examined?
The public face of MS's security experts been cross examined ...

Re:

[AHuxley]

Just like in old Europe, a black Mercedes van pulls up.
Men in black leather coats run up stairs and demand to see your license agreement with Microsoft ....

Re:

[cavreader]

"what specific harm are they suffering" They are not directly suffering a lot of harm from bot nets. It's the users who get harmed when their computers get botted and used to support criminal activities. The vast majority of these bots spread using social engineering attacks to dupe the users into infecting them selves. Bot attacks also take advantage of poor system administration practices to infect a system. No OS security can totally prevent these types of attacks. MS just seems to be the only IT compan

Re:

[Kalriath]

Actually, Microsoft is part of a consortium of IT companies who are on a rampage trying to find and sue out of existence all the botnet operators. There's an anti-virus vendor or two and possible a couple of major search engines in it as well.

I hate legal articles

[AK Marc]

Micorsoft can't "dismiss" a case. They can "drop" a case (drop being a non-technical term). But "dismiss" is a technical term. Only the Judge can dismiss a case. Microsoft can drop the case by requesting a dismissal, but if the defendants object to the dismissal (and they often do, because to accept it often blocks the "winner" collecting fees from the "loser"), then the judge will likely not dismiss the case. It's like the term "broadband" being misused constantly, with most fiber connections not bein