In April 2017, the United States Department of Justice announced that Peter Yuryevich Levashov (36) (also known as Petr Levashov, Peter Severa, Petr Severa and Sergey Astakhov) was arrested in Barcelona for his involvement with the infamous Kelihos botnet. Levashov was extradited to the United States in February.
“Peter Yuryevich Levashov, aka ‘Petr Levashov,’ ‘Peter Severa,’ ‘Petr Severa’ and ‘Sergey Astakhov,’ 38, of St. Petersburg, Russia, pleaded guilty today in U.S. District Court in Hartford, Connecticut, to offenses stemming from his operation of the Kelihos botnet, which he used to facilitate malicious activities including harvesting login credentials, distributing bulk spam e-mails, and installing ransomware and other malicious software,” states the press release published by the DoJ.
Levashov on Wednesday pleaded guilty in U.S. District Court in Hartford, Connecticut, to one count of causing intentional damage to a protected computer, one count of conspiracy, one count of aggravated identity theft, and one count of wire fraud.
According to a study conducted by CheckPoint Security, the malware landscape was characterized by some interesting changes in the first part of 2017.
The Kelihos botnet climbed to the top position, while the Conficker worm dropped to fourth on the chart of malware.
Levashov has operated several botnets since the late 1990s. For example, two other botnets, tracked as Storm and Waledac, share code with Kelihos; both have been attributed to Levashov.
“For over two decades, Peter Levashov operated botnets which enabled him to harvest personal information from infected computers, disseminate spam, and distribute malware used to facilitate multiple scams,” said Assistant Attorney General Benczkowski.
“Mr. Levashov used the Kelihos botnet to distribute thousands of spam e-mails, harvest login credentials, and install malicious software on computers around the world,” said U.S. Attorney Durham. “He also participated in online forums on which stolen identities, credit card information and cybercrime tools were traded and sold. For years, Mr. Levashov lived quite comfortably while his criminal behavior disrupted the lives of thousands of computer users.”
The DoJ speculated Levashov sent spam urging recipients to buy shares as part of a “pump and dump” scam, among other naughtiness.
The Russian hacker was accused of having used the Kelihos botnet for spam campaigns that advertised various criminal schemes, including pump-and-dump stock fraud.
The activity conducted by the Kelihos, Storm and Waledac botnets was very profitable. Prosecutors believe the botnets allowed crooks to earn hundreds of millions of dollars.
“For years, Mr. Levashov lived quite comfortably while his criminal behavior disrupted the lives of thousands of computer users,” said U.S. Attorney John H. Durham of the District of Connecticut. “Thanks to the collaborative work of the FBI and our partners in law enforcement, private industry and academia, a prolific cybercriminal has been neutralized, and has now admitted his guilt in a U.S. courtroom.”
Sentencing has been scheduled for September 6, 2019, likely because the man is now helping law enforcement agencies with investigations into other cybercrime operations.