
US convicts Russian nationals of aiding and abetting massive hacking operation

Two men found guilty in Connecticut courts of aiding and abetting a global hacking operation. (Luca Piergiovanni/EFE/Zuma Press/TNS)

Two Russian nationals have been found guilty in Connecticut courts of participating in a Russian hacking operation that federal authorities say infected tens of thousands of computers around the world with malicious programming that exposed them to ransomware and other sorts of attacks.

A federal jury in Hartford found Oleg Koshkin, 41, formerly of Estonia, guilty of designing encrypting computer software that enabled hackers to systematically infect victims' computers with malicious software, including ransomware. Koshkin associate Pavel Tsurkan pleaded guilty Wednesday in federal court in New Haven to a charge arising from similar conduct.

Both men admit working with notorious Russian hacker Peter Levashov, operator of the Kelihos botnet, a system that distributed multiple, high-volume spam blasts daily to computers around the world. Koshkin and Tsurkan designed an encryption service that enabled the Kelihos malware to elude security and anti-virus programming on targeted computers.

Federal authorities said Levashov used Kelihos to launch spam attacks, steal account credentials, conduct denial of service attacks and distribute ransomware and other malicious software. When the FBI dismantled Kelihos in 2017, the agency said it had compromised at least 50,000 computers around the world.

The Spanish police arrested Levashov in early 2017, while he was outside Russia on a family vacation. He was extradited to the United States and, a year later, pleaded guilty to causing intentional damage to a protected computer, conspiracy, fraud and aggravated identity theft. He has yet to be sentenced.

Koshkin, arrested in California in 2019 and in custody since, was convicted of conspiracy to commit computer fraud and abuse, as well as aiding and abetting computer fraud and abuse. He faces a maximum penalty of 15 years in prison and is scheduled to be sentenced on September 20. Tsurkan, released on bond, pleaded guilty to aiding and abetting intentional damage to a protected computer and faces up to nine years in prison when he is sentenced on Sept. 27.

“The defendant designed and operated a service that was an essential tool for some of the world’s most destructive cybercriminals, including ransomware attackers,” said Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department’s Criminal Division. “The verdict should serve as a warning to those who provide infrastructure to cybercriminals: the Criminal Division and our law enforcement partners consider you to be just as culpable as the hackers whose crimes you enable — and we will work tirelessly to bring you to justice.”

Documents admitted in court show Koshkin operated websites such as crypt4u.com and fud.bz, which advertised encryption programming guaranteed to make malware fully undetectable by nearly every major provider of antivirus software. Koshkin and Tsurkan claimed that their services could be used for malware such as botnets, remote access trojans, keyloggers, credential stealers and cryptocurrency miners.

The FBI’s New Haven Division is investigating the case through its Connecticut Cyber Task Force.

“Mr. Koshkin and his associates knowingly provided crypting services designed to help malicious software bypass anti-virus software,” said Special Agent in Charge David Sundberg of the FBI’s New Haven Division. “The criminal nature of the Crypt4U service was a clear threat to the confidentiality, integrity and availability of computer systems everywhere. We at the FBI will never stop pursuing those like Mr. Koshkin for perpetrating cyber crimes and threats to the public at large.”

In April, the Department of Justice announced the creation of the Ransomware and Digital Extortion Task Force to combat the growing number of ransomware and digital extortion attacks.

___

© 2021 Hartford Courant
Distributed by Tribune Content Agency, LLC