Bulgaria has granted the extradition of RSOCKS botnet administrator Denis Kloster, also known as Denis Emelyantsev, to the U.S. following his arrest as requested by U.S. law enforcement, reports KrebsOnSecurity.
Kloster was reported by Bulgarian news outlet 24Chasa.bg to have been apprehended by Bulgarian authorities in June, later seeking the Bulgarian court to allow for him to be brought to U.S. to face his charges.
"America is looking for me because I have enormous information and they need it. Thats why they want me," said Kloster at his extradition hearing, according to 24Chasa.
Industrial control systems, routers, computers, and Android devices have been targeted by the RSOCKS botnet, which emerged in 2013 and was disrupted in June following an international operation. The U.S. Justice Department noted that the takedown involved a search warrant from the U.S. Attorneys Office for the Southern District of California, which was also the basis for the arrest of Kloster.
Officials, journalists, and activists across Armenia were reported by Access Now, Citizen Lab, Amnesty International, CyberHUB-AM, and independent researcher Ruben Muradyan to have been targeted in at least 12 instances with the NSO Group's Pegasus spyware, Reuters reports.
Intellexa's commercial Predator spyware, which has been used in surveillance operations targeted at European politicians, Meta executives, and journalists, has been deploying its Alien loader to the 'zygote64' Android process to enable more spyware components, according to BleepingComputer.