On 23 January Microsoft filed amended papers in a Virginia court naming a Russian computer professional, Andrey Sabelnikov, as the operator of the Kelihos botnet. Kelihos was a botnet taken down by Microsoft, Kyrus Inc, and Kaspersky Labs last September, and now under the physical control of Kaspersky. Sabelnikov was in the United States at the time of the amended papers, but quickly left.
Back in Russia, he has explained his rapid departure and declared his innocence. With neither sufficient knowledge of US legal process, he writes, nor funds to employ counsel, he decided to return to Russia and defend himself under more familiar Russian law.
"I did not commit this crime, [have] never participated in the management of botnets [nor] any other similar programs, and especially not extracted from it any benefit," he writes in his LiveJournal post.
Russian law forbids the extradition of its own citizens to a foreign country, so any further practical action against Sabelnikov would have to take place in Russia, or following a voluntary return to the United States or visit to a country with an extradition treaty.