Russian man arrested for running notorious spam-sending Kelihos botnet


A Russian man arrested in Spain Monday on behalf of the United States government stands accused of running the notorious Kelihos botnet.

Thirty-six-year-old Peter Yuryevich Levashov, who is also said to use the name Peter Severa, was first thought to have been arrested in relation to the ongoing investigation into alleged hacking during the 2016 U.S. Presidential campaign. The Department of Justice subsequently said, however, that it suspected him of being the mastermind behind Kelihos.

First finding its way online in 2010, the Kelihos botnet uses malware targeted at Windows machines to create a network that is used to target other computers, harvest user details and send spam. Levashov is alleged to have used the information gained from Kelihos to further his spamming operation, which he advertised on various dark web sites. The e-mails sent using the botnet are alleged to have advertised counterfeit drugs, promoted stocks in order to increase their price, and sold work-at-home scams and other types of fraud.

Kelihos is also said to have been used for installing ransomware as well as acting as a keylogger, intercepting data such as bank account passwords.

Levashov’s arrest was part of a broader effort to disrupt and dismantle Kelihos run by the Federal Bureau of Investigation’s office in Anchorage, Alaska. “The operation … targeted an ongoing international scheme that was distributing hundreds of millions of fraudulent e-mails per year, intercepting the credentials to online and financial accounts belonging to thousands of Americans, and spreading ransomware throughout our networks,” Acting Assistant Attorney Kenneth A. Blanco said in a statement. “The ability of botnets like Kelihos to be weaponized quickly for vast and varied types of harms is a dangerous and deep threat to all Americans, driving at the core of how we communicate, network, earn a living, and live our everyday lives.”

The Department of Justice did not reveal what charges Levashov is facing because the case remains under seal, so it’s also not clear how much jail time he could be facing. Levashov remains in detention in Spain awaiting an extradition hearing.
