Criminal used network of 100,000 devices in denial of service attacks
The operator of a botnet was arrested this Monday in Ukraine, accused of managing a network of more than 100 thousand compromised devices. The system was mainly used to carry out denial of service attacks against targets named by third parties, the accused's clients, who found his services through offers on cybercrime forums or in Telegram groups set up for this purpose.
The individual, whose name and age were not revealed, was arrested at his home in the city of Ivano-Frankivsk, about 1024 kilometers from the capital, Kiev. At the residence, police also seized computers and other devices that were used to operate the network, which authorities also shut down. In addition to DDoS attacks, the accused is also said to have used the devices in other cybercriminal activities, such as brute-force password cracking or the distribution of spam from fake accounts used on compromised devices.
The suspect is also accused of using these technologies to perform penetration tests, locating flaws in remote services or finding configuration gaps, likewise in order to sell cybercriminal services to third parties. In all cases, payment was made through digital channels, and one of them, Webmoney, was what allowed the individual to be located.
According to the police, despite the high sophistication of the crimes, the accused had accounts registered in his own name to receive the money. It was through the aforementioned platform, the use of which is prohibited in Ukrainian territory, that the authorities were able to find his address and carry out the operation that took down the botnet and prevented further attacks from the infrastructure he had set up.
The suspect is now to be prosecuted under the criminal code of Ukraine for crimes such as distributing malicious software or interfering with remote networks and devices. According to the country’s authorities, he could be sentenced to multiple years in prison, although the expected sentence cannot be disclosed until a full analysis of the seized material and of the scope of the attacks carried out by the accused is complete.
Source: SSU, Bleeping Computer
