
Russians and Latvians in DOJ crosshairs for cybercrimes, including running the Kelihos botnet


The U.S. Department of Justice (DOJ) has been busy on the cybercrime front during the past few days, accepting a guilty plea from a Russian national, extraditing a second in a separate case, and sentencing a Latvian citizen for a third hacking scheme.

Peteris Sahurovs, who was at one time the fifth Most Wanted person on the FBI’s cybercriminal list, was sentenced to 33 months in prison for conspiracy to commit wire fraud for placing malvertising on the Minneapolis Star Tribune website, the DOJ said. In his plea, Sahurovs admitted that from around February 2010 to September 2010 he placed a fake Best Western hotels ad on the newspaper site that in fact infected readers' computers with malware that created multiple pop-up ads and negatively impacted computer performance.

The victims would then see an ad for Antivirus Soft, a fake computer repair tool, which for $49.95 would supposedly fix the issues. Sahurovs admitted to justice officials that Antivirus Soft in fact did nothing to clean the computer, but would stop the malware he implanted from functioning.

The scam netted Sahurovs between $150,000 and $250,000.

Peter Yuryevich Levashov pleaded guilty in U.S. District Court in Hartford, Conn. to one count of causing intentional damage to a protected computer, one count of conspiracy, one count of wire fraud and one count of aggravated identity theft. All offenses related to his operation of the Kelihos botnet, which he used to harvest login credentials, distribute bulk spam emails, and install ransomware and other malware on some 50,000 computers worldwide.

Assistant Attorney General Benczkowski said Levashov operated various botnets for more than 20 years before being caught by Spanish authorities in Barcelona in April 2017 and extradited to the U.S. in February 2018.

Earlier this week, the U.S. Attorney for the Southern District of New York announced the extradition of Andrei Tyurin from Georgia on charges of allegedly working on a global hacking campaign that targeted major financial institutions, brokerage firms, news agencies, and other companies between 2012 and 2015, the DOJ said in a statement.
