Wed | Jun 16, 2021 | 3:10 PM PDT

When it comes to hacking and cybercrime, sometimes all the focus is on the one who launches the attack.

But what about those who create the cyber tools that make successful attacks more likely? 

One of those threat actors was just convicted in a United States courtroom. And the tool and service he offered helped hackers stay hidden while inside computer networks.

DOJ convicts Russian national for crypting service

U.S. DOJ prosecutors say Oleg Koshkin, a 41-year-old Russian national, operated a crypting service used to conceal Kelihos malware from antivirus software. In other words, it could fool antivirus into believing there was no threat and no security reason to deny the malware access to a particular system.

The Department of Justice says Koshkin's service would allow hackers to:

"...systematically infect victim computers around the world with malicious software, including ransomware."

The DOJ says that Koshkin operated the websites Crypt4U.com, fud.bz, and a few others that promised to make malicious software undetectable by the vast majority of major antivirus software.

His services could be used for malware such as botnets, remote access trojans (RATs), keyloggers, credential stealers, and cryptocurrency miners.

And the DOJ says Koshkin played a crucial role in the success of Kelihos malware: 

"In particular, Koshkin worked with Peter Levashov, the operator of the Kelihos botnet, to develop a system that would allow Levashov to crypt the Kelihos malware multiple times each day. Koshkin provided Levashov with a custom, high-volume crypting service that enabled Levashov to distribute Kelihos through multiple criminal affiliates.

Levashov used the Kelihos botnet to send spam, harvest account credentials, conduct denial of service attacks, and distribute ransomware and other malicious software. At the time it was dismantled by the FBI, the Kelihos botnet was known to include at least 50,000 compromised computers around the world."

Koshkin has been detained since his arrest in 2019 and faces a maximum penalty of 15 years in prison. He is scheduled to be sentenced in the fall of 2021.

Comments