Ukrainian authorities have arrested a hacker who was renting out space on a “powerful botnet” consisting of over 100,000 enslaved devices that were used to provide distributed denial-of-service (DDoS) and spam attack services.
The unnamed individual, from the Ivano-Frankivsk region of the country, was trying to leverage an automated network to detect vulnerabilities in websites and break into them, as well as stage brute-force attacks in order to guess email passwords. He then allegedly used this information to attack the network, and was then taken into custody once what he had done was realized. The Ukrainian police agency said it conducted a raid of the suspect’s residence and seized his computer equipment as evidence of illegal activity.
The Security Service of Ukraine (SSU) said the information concerning customers was acquired by using “anonymizers” (access to closed forums and Telegram chats), as well as via bogus payment systems that charge exorbitant fees for transfers of funds to bank accounts or WebMoney, an electronic payment system banned by the Ukrainian government.
However, he made the apparently trivial error of registering his account with his legitimate address, which officials say can lead to identifying and tracing him.
After a subsidiary Russian cybersecurity firm disclosed last month that it had sinkholed a part of the Mēris DDoS botnet, a large portion of the estimated 250,000 hosts that had been co-opted into its mesh have been freed from their bot-slave days through a more recent development.
A new report published by security researchers has revealed that Talos collectively observed more than 45,000 malware-infected devices across the world, with over 20% of these devices located in Brazil; a majority of the botnet command-and-control servers are located in Russia and Romania.