A Russian national namely Peter Yuryeich Levashov has pleaded guilty to operating the Kelihos botnet, which was used to launch a huge spamming and credential stealing campaign across the globe.
Levashov, a 38-year old resident of St. Petersburg, Russia, was presented before a Connecticut US District Court and admitted to being involved in a large number of various cybercriminal activities including the operation of the devastating Kelihos botnet.
Assistant Attorney General Brian Benczkowski said in a statement that:
“For over two decades, Peter Levashov operated botnets which enabled him to harvest personal information from infected computers, disseminate spam, and distribute malware used to facilitate multiple scams.”
It must be noted that the Kelihos botnet was launched in 2010 and infected over 50,000 machines to send out spam messages, steal login credentials, and spread banking Trojans and ransomware.
Botnets are basically devices that are hijacked and infected with malware to serve as potential sources of launching DDoS attacks against a variety of online platforms and to spread wide ranges spam campaigns. The Keilhos botnet was shut down by federal authorities last year.
The DOJ (Department of Justice) stated that the accused was responsible for controlling and operating multiple botnets since the 1990s. These include “the Storm, Waledac, and Kelihos botnets.” These botnets were used to steal personal information and identification data such as email IDs, usernames, and login/passwords from the hijacked computers or Internet-connected devices.
Levashov was charged officially in 2009 in the District of Columbia while he was busy operating the Storm botnet. The accused has remained on the list of the World’s Top Ten Worst Spammers, which was generated by Spamhaus, an antispam volunteer organization. He was arrested in April 2017, from Barcelona, Spain and was extradited to the US in February 2018 where he is in detention still. He will be sentenced on September 6, 2019.
The acquired data was then traded on the Dark Web and on average a single credit card number was sold on $12.
