The Estonian national Pavel Tsurkan has pleaded guilty in a United States court to two counts of computer fraud and abuse.
According to court documents, Pavel Tsurkan (33) operated a criminal proxy botnet composed of more than 1,000 devices. The IoT botnet was tracked as the “Russian2015” because it was using the domain Russian2015.ru.
The infected devices were acting as a proxy to transmit third-party internet traffic, then operators were offering it for rent to threat actors that used it to conduct multiple malicious activities.
“He then sold access to global cybercriminals who channeled their traffic through the victims’ home routers, using the victims’ devices to engage in spam campaigns and other criminal activity. The Alaska victims experienced significant data overages even when there were no home computers connected to the victims’ home networks. The data overages resulted in hundreds to thousands of dollars per victim.” reads the press release published by DoJ.
The hacker compromised more than 1,000 computers and routers worldwide, DoJ reported that at least 60 victims are in Alaska.
“Today’s cybercriminals rely on increasingly sophisticated techniques to hijack computers and personal electronic devices for their criminal activities. Botnets like the ‘Russian2015’ are a dangerous threat to all Americans and today’s guilty plea demonstrates we can and will hold accountable foreign cybercriminals and their enablers,” said Acting U.S. Attorney Bryan Wilson, District of Alaska. “Our success in disrupting this botnet was the result of a strong partnership between private industry experts and law enforcement.”
The man will be sentenced on November 10, 2021, he faces up to 10 years in prison.
(SecurityAffairs – hacking, cybercrime)