Russian computer hacker convicted in Connecticut federal probe

September 13, 2018 GMT

A Russian hacker accused of stealing personal information from thousands of personal computers pleaded guilty to several federal charges stemming from 20 years of criminal activity.

Peter Yuryevich Levashov also know as Peter Severa, and “Sergey Astakhov, 38, of St. Petersburg, Russia, admitted he operated the Kelihos botnet to grab login credentials, distribute bulk spam e-mails, and install ransomware and other malicious software.

During proceedings Wednesday before e U.S. District Judge Robert N. Chatigny, Leshov pleaded guilty to charges of causing intentional damage to a protected computer, conspiracy, wire fraud and aggravated identity theft.


Levashov, who is being detained without bond, will next appear before Chatigny for sentencing on Sept. 6, 2019.

“For over two decades, Peter Levashov operated botnets which enabled him to harvest personal information from infected computers, disseminate spam, and distribute malware used to facilitate multiple scams,” said Assistant Attorney General Brian A. Benczkowski, of the U.S. Justice Department’s Criminal Division in Washington, D.C.. “We are grateful to Spanish authorities for his previous arrest and extradition. This guilty plea demonstrates that the Department will collaborate with our international law enforcement partners to bring cybercriminals to justice, wherever they may be.”

Levashov used the Peter Severa alias while trolling online, according to Brian Turner, the FBI’s special agent in charge of their Connecticut headquarters..

“Mr. Levashov used the Kelihos botnet to distribute thousands of spam e-mails, harvest login credentials, and install malicious software on computers around the world,” added U.S. Attorney John “Bull” Durham. “He also participated in online forums on which stolen identities, credit card information and cybercrime tools were traded and sold.”

While Levashov’s criminal activity was disrupting “the lives of thousands of computer users, Durham said the defendant “lived quite comfortably.”.

Investigators described a botnet as a network of computers infected with malicious software that allows a third party to control the entire computer network without the knowledge or consent of the computer owners.

Since the late 1990s until his arrest in April, 2017, Levashov controlled and operated multiple botnets, including the Storm, Waledac and Kelihos botnets, to harvest personal information and means of identification (including email addresses, user names and logins, and passwords) from infected computers, investigators charged. Levashov disseminated spam and distributed other malware, such as banking Trojans and ransomware, and advertised the Kelihos botnet spam and malware services for sale.


The Kelihos botnet is believed to have infected 50,000 computers before it was dismantled on April 10, 2017

Investigators claim Levashov participated in and moderated various online criminal forums on which stolen identities and credit cards, malware and other criminal tools of cybercrime were traded and sold.

Spanish authorities arrested Levashov in Barcelona on April 7, 2017, based upon a criminal complaint and arrest warrant issued by Durham’s office. He was indicted 20 days later by a federal grand jury here and extradited in February.

Assistant U.S. Attorneys Vanessa Richards and David Huang along with Senior Trial Attorney Anthony Teelucksingh of the Justice Department’s Criminal Division’s Computer Crime and Intellectual Property Section are prosecuting the case. The Criminal Division’s Office of International Affairs handled the extradition in this matter, with assistance from the U.S. Marshals Service. The University of Alabama at Birmingham, , Cambridge University, and ThreatStop, SpamHaus, Cisco, and Cloudmark assisted investigators.