reports that the US has convicted Russian national Oleg Koshkin for operating a malware crypter service, which the Kelihos botnet leveraged for malware payload obfuscation and detection avoidance.
"Koshkin worked with Peter Levashov, the operator of the Kelihos botnet, to develop a system that would allow Levashov to crypt the Kelihos malware multiple times each day. Koshkin provided Levashov with a custom, high-volume crypting service that enabled Levashov to distribute Kelihos through multiple criminal affiliates. Levashov used the Kelihos botnet to send spam, harvest account credentials, conduct denial of service attacks, and distribute ransomware and other malicious software," said the Department of Justice.
A criminal complaint during Levashov's arrest showed that Koshkin received nearly $3,000 monthly between May 2014 and April 2017. The Kelihos botnet compromised upwards of 60,000 computers around the world before the FBI finally dismantled it in 2017.
Meanwhile, Koshkin's co-defendant Pavel Tsurkan, an Estonian national, entered a guilty plea for aiding and abetting hackers in attacks targeted at computers around the world.