Russian Man Charged in Botnet Scheme

Monday, April 24, 2017 @ 02:04 PM gHale


A Russian computer programmer being held in Spain ended up charged in the United States Friday with running a huge botnet, officials said.

Pyotr Levashov, 36, ended up charged on Friday in the U.S. with one count of causing intentional damage to a protected computer, one count of conspiracy, one count of accessing protected computers in furtherance of fraud, one count of wire fraud, one count of threatening to damage a protected computer, two counts of fraud in connection with email and one count of aggravated identity theft.

RELATED STORIES
Russian Man to do 27 Years for Hacking
NY Men Guilty in ATM Theft Plan
Feds Move to Tear Apart Kelihos Botnet
Fired Worker Guilty of Hacking System

Levashov, who went online under several nicknames – one of which was “Peter Severa” (i.e. Peter of the North) – ended up arrested in Barcelona on April 7 while on vacation with his family. He is a resident of St. Petersburg, Russia.

Levashov stands accused of controlling and operating the Kelihos botnet to harvest personal information and means of identification (including email addresses, usernames and logins, and passwords) from infected computers.

To further the scheme, Levashov is also accused of disseminating spam and distributing other malware – such as banking Trojans and ransomware, and advertising the Kelihos botnet spam and malware services to others for purchase in order to enrich himself.

According to the indictment, during any 24-hour period, the Kelihos botnet generated and distributed more than 2,500 unsolicited spam emails that advertised various criminal schemes, including deceptively promoting stocks in order to fraudulently increase their price (so-called “pump-and-dump” stock fraud schemes).

Levashov has been detained since his arrest, and the U.S. Justice Department is seeking his extradition.

On April 10, U.S. authorities said they have taken action to dismantle the Kelihos botnet, by sink-holing three domains used to control the botnet and redirecting the traffic from compromised computers to servers under their control.



Leave a Reply

You must be logged in to post a comment.