Massive botnet shut down after botmaster’s arrest
Following an investigation that lasted 10 months, Russian police authorities have managed to arrest the 22-year-old operator of one of the largest botnets known to date.
According to a press release (via Google Translate) by the Russian Ministry of Internal Affairs’ Department “K” (anti-cybercrime division), at the time of the young man’s arrest, the botnet consisted of about 4.5 million computers infected with banking Trojans.
The man’s name has yet to be revealed, but his online handles are known: “Hermes” and “Arashi.”
He allegedly owned and operated the botnet, and was also involved in using the stolen information to transfer money from the victims’ accounts to ones he had set up himself, hiring money mules to withdraw the deposited money.
Occasionally he also rented out the botnet to third parties throughout the Russian Federation.
The zombie computers were mostly located within the Federation itself and, according to the police, as many as 100,000 new computers per day were added to the botnet on occasion, as the victims would get infected by opening spam emails with attached malware.
Aided by experts from Russian AV company Dr. Web, the police managed to track down the youngster and effect a raid on his home, arresting him and confiscating the hardware and documents found there.
According to an initial assessment by the police, he has managed to “earn” himself over 150 million rubles (some $4.5 million).
He stands accused of fraud, illegal access to computer information and the creation, use and dissemination of malicious software.