The U.S. Department of Justice reported this week that Russian national Oleg Koshkin was sentenced to 48 months in prison for operating an “encryption” service, which was used to hide the Kelihos botnet from antivirus software and make attacks The person can infect hundreds of thousands of machines.
Court documents stated that Koshkin was convicted by a federal jury on June 15 on charges of conspiracy to commit computer fraud and abuse, and one charge of computer fraud and abuse.
U.S. Department of Justice officials wrote in a press release that court documents and evidence provided in the trial showed that Koshkin’s website “committed to making almost all major antivirus software vendors unable to detect malware.” Koshkin and co-conspirators claim that their services can be used in botnets, remote access Trojans, keyloggers, credential stealers, cryptocurrency miners, and other threats.
Koshkin collaborated with Kelihos botnet operator Peter Levashov to create a system that allows Levashov to encrypt Kelihos multiple times a day. Koshkin provided Levashov with a customized high-capacity encryption service, allowing operators to distribute Kelihos through criminal branches. Kelihos is used to send spam, collect account credentials, launch denial of service attacks, and distribute ransomware and other types of malware.
Kelihos relied on these encryption services from 2014 until Levashov was arrested in April 2017. In the last four months of its activity, Kelihos infected approximately 200,000 computers worldwide.
read Full version of the U.S. Department of Justice more details.
