DOJ disables Kelihos botnet after arrest of Russia hacker

DOJ disables Kelihos botnet after arrest of Russia hacker

The Department of Justice (DOJ) on Monday announced [press release] that it had effectively disrupted the Kelihos botnet [complaint, PDF], a network of thousands of virus ridden computers used to glean personal information and login credentials by distributing malicious software through spam emails.

Once infected by Kelihos, compromised computers within the botnet are used by the Defendant to generate huge volumes of unsolicited “spam” emails that advertise counterfeit drugs, pump-and-dump stock schemes, work-at-home scams, and other frauds. Kelihos is also used to generate phishing emails, harvest user credentials, and to download additional malware onto victim computers, including ransomware and banking Trojans.

A DOJ spokesman said the agency will continue “combatting cybercrime, no matter the size or sophistication of the scheme, and punish those who are engaged in such crimes.”

Last week Peter Yuryevich Levashov, long thought to be the creator of the Kelihos botnet, was arrested [Reuters report] in Spain on charges purportedly related to US claims that Russia interfered with the November 2016 US election. Two weeks ago the Senate held hearings [JURIST report] on seeking to determine the level of Russian involvement in the election, one week after the director of the FBI confirmed [JURIST report] it had begun investigating Russian interference. The DOJ announced [JURIST report] indictments for four Russian hackers in March related to an email hacking incident.