Microsoft says Andrey Sabelnikov controlled Kelihos using 21 Internet domains bought from a Czech-based firm run by Alexander Piatti. Piatti was originally named as a defendant, but cooperated with Microsoft. Microsoft initially targeted those responsible for the domains used by the botnet. The company said some of the defendants sub domains may have been legitimate, but that many were being used for questionable purposes with links to disreputable online activities. The civil complaint follows the coordinated take down of KelihOS in September.
Source: https://threatpost.com/microsoft-adds-kelihos-botnet-operator-civil-complaint-012412/76137/