NEW HAVEN, Conn. — A federal jury in Hartford has convicted a Russian National on Tuesday, June 15th, for his role in using a crypting service that was used to conceal “Kelihos” malware from antivirus software.
This software enabled hackers to systemically infect victims' computers around the world with malicious software including ransomware.
Oleg Koshkin, 41 formerly of Estonia, has been convicted of aiding and attempting computer fraud and abuse. He will serve the maximum penalty of 15 years in prison. His sentencing is scheduled for September 20.
Acting U.S. Attorney Leonard C Boyle said, “By operating a website that was intended to hide malware from antivirus programs, Koshkin provided a critical service that enabled other cybercriminals to infect thousands of computers around the world."
These kinds of threats to the cyber community are taken seriously.
Boyle continued, “We will investigate and prosecute the individuals who aid and abet cybercriminals as vigorously as we do the ones who actually hit the ‘send’ button on viruses and other malicious software.”
Acting Assistant Attorney General Nicholas L. McQuaid said Koshkin designed and operated a service that was an essential tool for some of the world's most destructive cyber criminals including ransomware attackers.
McQuaid made it very clear in a press release that these kinds of acts are not be tolerated.
“Today’s verdict should serve as a warning to those who provide infrastructure to cybercriminals: the Criminal Division and our law enforcement partners consider you to be just as culpable as the hackers whose crimes you enable—and we will work tirelessly to bring you to justice,” Mcquaid said in a press release.
According to court documents and evidence from the trial, Koshkin operated the websites “crpt4u.com,” “fud.bz,” and others. These websites promised to render malicious software fully undetectable (FUD) by nearly every major provider of antivirus software.
However, Koshkin did not participate in these acts alone.
Koshkin and his co-conspirators claimed that their services could be used for malware such as botnets, remote access trojans (RATs), keyloggers, credential stealers, and cryptocurrency miners.
One of the people he worked with, Peter Levashov, was the operator of the Kelihos botnet.
The botnet was used by Levashov to send spam, harvest account credentials, conduct denial of service attacks, and distribute ransomware and other malicious software.
When the botnet was dismantled by the FBI, the Kelihos botnet was known to include at least 50,000 compromised computers around the world.
Koshkins co-defendant, Pavel Tsurkan is also being charged with conspiring to cause damage to 10 or more protected computers, and aiding and abetting Levashov in causing damage to 10 or more protected computers. However, he is released on bond while awaiting trial according to officials.
The FBI’s New Haven Division is investigating this case through its Connecticut Cyber Task Force. Assistant U.S. Attorney Edward Chang of the United States Attorney’s Office and Senior Counsel Ryan K.J. Dickey of the Criminal Division’s Computer Crime and Intellectual Property Section are prosecuting the case, with the help from the Criminal Division’s Office of International Affairs.
The Estonian Police and Border Guard Board also provided significant assistance to the case as well.
---
HERE ARE MORE WAYS TO GET FOX61 NEWS
Download the FOX61 News APP
iTunes: Click here to download
Google Play: Click here to download
Stream Live on ROKU: Add the channel from the ROKU store or by searching FOX61.
