Peter Yuryevich Levashov, aka ‘Petr Levashov,’ ‘Peter Severa,’ ‘Petr Severa’ and ‘Sergey Astakhov,’ 38, of St. Petersburg, Russia, pleaded guilty today in U.S. District Court in Hartford, Connecticut, to offenses stemming from his operation of the Kelihos botnet, which he used to facilitate malicious activities including harvesting login credentials, distributing bulk spam e-mails, and installing ransomware and other malicious software.
According to court documents and statements made in court, a botnet is a network of computers infected with malicious software that allows a third party to control the entire computer network without the knowledge or consent of the computer owners. Since the late 1990s until his arrest in April 2017, Levashov controlled and operated multiple botnets, including the Storm, Waledac and Kelihos botnets, to harvest personal information and means of identification (including email addresses, usernames and logins, and passwords) from infected computers. To further the scheme, Levashov disseminated spam and distributed other malware, such as banking Trojans and ransomware, and advertised the Kelihos botnet spam and malware services to others for purchase in order to enrich himself. Over the course of his criminal career, Levashov participated in and moderated various online criminal forums on which stolen identities and credit cards, malware and other criminal tools of cybercrime were traded and sold.
Spanish authorities arrested Levashov in Barcelona on April 7, 2017, based upon a criminal complaint and arrest warrant issued in the District of Connecticut. At the time of Levashovs arrest, Kelihos infected at least 50,000 computers. (Source: U.S. Department of Justice)