Ukraine Police Arrest Botnet Attack Controller

Uploaded on 2021-10-15 in GOVERNMENT-Law Enforcement, FREE TO VIEW

Ukrainian law enforcement officers have arrested a suspected botnet herder responsible for controlling an automated network of around 100,000 compromised machines to launch DDoS and other attacks. The unnamed individual is also said to have leveraged the automated network to detect vulnerabilities in websites and break into them as well as stage brute-force attacks in order to guess email passwords. 

The Ukrainian SSU police agency say the resident of Ivano-Frankivsk also used the botnet to launch spam campaigns, scan for vulnerabilities in websites to exploit, and brute-force users’ email passwords.

The SSU says it conducted a raid of the suspect's residence and seized their computer equipment as evidence of illegal activity. "He looked for customers on the closed forums and Telegram chats and payments were made via blocked electronic payment systems," the Security Service of Ukraine (SSU) said in a press statement. The payments were facilitated via WebMoney, a Russian money transfer platform banned in Ukraine.

According to an SSU statement, the hacker used his botnet’s sheer force to bring down websites and to have  conducted reconnaissance and penetration testing on the target websites in order to find and exploit weaknesses.
He communicated with customers for his services on encrypted channels like Telegram and closed underground forums, and received the payment through platforms banned in Ukraine like WebMoney. The National Security and Defence Council of Ukraine imposed sanctions on this Russian firm in 2018. 

The suspect registered his real address with WebMoney, enabling SSU officers to find him and he now faces charges under the Criminal Code of Ukraine, which relates to the creation, distribution, or sale of malicious software or hardware; and interference with the work of computers, automated systems, and computer or telecoms networks. These charges could incur severe penalties like several years of imprisonment

Ukrainian law enforcers have been busy as the country continues to be a home for numerous highly effective threat actors. In February 2020 police arrested members of Egregor a ransomware group and in June, six members of the Clop ransomware gang were arrested in Ukraine. Then in October, two “prolific ransomware operators” were also arrested.

Those arrests come in stark contrast to law enforcement activity in Russia, where the state appears to be allowing cyber crime activity as long as it is targeted at victims outside the country. 

Gov.UA:        Heimdal Security:      Wired:      Cyber Reports:     Infosecurity Magazine:       Hacker News

You Might Also Read: 

Mēris Botnet Goes Global:

 

« Russia's Criminal Hackers
British Police IT Systems Cannot Cope With Cyber Crime »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Center for a New American Security (CNAS)

Center for a New American Security (CNAS)

CNAS is the nation's leading research institution focused on defense and national security policy. Cyber security issues are an intrinsic element of the national security debate.

CyberOwl

CyberOwl

CyberOwl builds on cutting-edge research and combines decades of experience in developing, securing and operating large distributed systems.

Cryptovision

Cryptovision

Cryptovision GmbH is one of the leading specialists for modern, user-friendly cryptography and solutions for secure electronic identities.

Japan Cybersecurity Innovation Committee (JCIC)

Japan Cybersecurity Innovation Committee (JCIC)

JCIC is an independent and not-for-profit thinktank to establish a secure and safe digital society.

US-Africa Cybersecurity Group (USAFCG)

US-Africa Cybersecurity Group (USAFCG)

USAFCG provides cybersecurity consulting services and delivers training programs for capacity building in Africa.

Hubraum

Hubraum

Hubraum is Deutsche Telekom’s tech incubator, helping startups to create new business opportunities in areas including data analytics, AI, robot process automation and cyber security.

SOC Experts

SOC Experts

SOC Experts is a pioneer (we started SOC training well before people realized how big the domain was going to be) and the only institution to provide end-to-end training on Security Operations Centers

Viria

Viria

Viria is an information and security technology solution provider that promotes digitalization in a secure way.

Bright Pixel Capital

Bright Pixel Capital

Bright Pixel Capital is a venture capital company with a focus on Cybersecurity, Retail Technologies, Digital Infrastructure and Emerging Technologies.

Aceiss

Aceiss

Aceiss empowers access security, providing unprecedented visibility and insights into user access.

Edgio

Edgio

Edgio provides unmatched speed, security, and simplicity at the edge through globally-scaled media and applications platforms.

QuantumCTek

QuantumCTek

QuantumCTek is a Chinese pioneer and leader in commercialized quantum information technology (QIT).

Hartman Executive Advisors

Hartman Executive Advisors

Hartman Executive Advisors is an unbiased IT and cyber advisory firm uniquely designed to help mid-market executives maximize their IT investments.

Iron EagleX

Iron EagleX

Iron EagleX deliver engineering solutions in cloud computing, big data, cyber, and machine learning technologies to US Government customers.

Gibbs Consulting

Gibbs Consulting

Gibbs Consulting provides innovative, flexible, on-demand IT Services and IT Consulting that delivers value and successful outcomes for our clients.

403Tech Inc.

403Tech Inc.

403Tech is a Calgary based IT Solutions Provider, specializing in small & medium business.