Kelihos botmaster Peter Levashov to be sentenced today (updated)
It’s been a long time coming — too long, some might say — but the Russian hacker involved in the Kelihos botnet will find out his sentence today.
Peter Levashov pleaded guilty in September, 2018. Another Russian national, Oleg Koshkin, 41, formerly of Estonia, operated the websites “Crypt4U.com,” “fud.bz” and others. According to court records and government statements:
Koshkin worked with Peter Levashov, the operator of the Kelihos botnet, to develop a system that would allow Levashov to crypt the Kelihos malware multiple times each day. Koshkin provided Levashov with a custom, high-volume crypting service that enabled Levashov to distribute Kelihos through multiple criminal affiliates. Levashov used the Kelihos botnet to send spam, harvest account credentials, conduct denial of service attacks, and distribute ransomware and other malicious software. At the time it was dismantled by the FBI, the Kelihos botnet was known to include at least 50,000 compromised computers around the world.
That 50,000 may have been a significant underestimate. One of the three botnets he operated was estimated to have infected 200,000 computers. In addition to the “Kelihos” botnet, he was also involved with “StormWorm” and “Waledac.”
Levashov, also known as “Peter Severa,” is scheduled to be sentenced today in Hartford, CT. Prosecutors are reportedly seeking a sentence of 12 – 14 1/2 years.
- The government’s Multi Victim Case Notification in the case can be found here.
- Plea Agreement
Update: Shocker: he got time served.