Peter Levashov operated the botnet for decades to facilitate the malicious activities such as credentials harvesting, bulk spam e-mails, Delivering ransomware and other malware’s.
U.S. Attorney Durham said, “Mr. Levashov used the Kelihos botnet to distribute thousands of spam e-mails, harvest login credentials, and install malicious software on computers around the world.” He also participated in online forums to sell the stolen identities such as credit card information and another cybercrime tool.
— U.S. Attorney CT (@USAO_CT) September 12, 2018
The Kelihos botnet first appeared in December 2010, it is also known as a peer-to-peer botnet, it empowers every individual node to go about as a Command and Control server.
The first version of the botnet performed denial-of-service attacks and email spam, with the later version threat actors, added ability to steal Bitcoin wallets to mine cryptocurrencies.
Peter Levashov was arrested on April 7, 2017, in Barcelona by Spanish authorities based on the complaint and arrest warrant issued by the U.S District Court. At the time of arrest, Kelihos had at least 50,000 computers in botnet chain.
“Levashov lived quite comfortably while his criminal behavior disrupted the lives of thousands of computer users and today justice has finally arrived for Peter Levashov,” said FBI Special Agent in Charge Turner.
Levashov pleaded guilty before U.S. District Judge Robert N. Chatigny for damage to a protected computer, one count of conspiracy, one count of wire fraud and one count of aggravated identity theft. He is due to be sentenced on 6-Sept-2019 reads DoJ press release.