{"id":107,"date":"2017-04-11T15:01:43","date_gmt":"2017-04-11T15:01:43","guid":{"rendered":"http:\/\/ielrblog.com\/?p=107"},"modified":"2017-08-15T19:52:33","modified_gmt":"2017-08-15T19:52:33","slug":"u-s-takes-down-russian-botnet-after-operator-arrested-in-spain","status":"publish","type":"post","link":"https:\/\/ielrblog.com\/index.php\/2017\/04\/11\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\/","title":{"rendered":"U.S. Takes Down Russian Botnet after Operator Arrested in Spain"},"content":{"rendered":"

On April 10, 2017, the U.S. Department of Justice announced that the U.S. government\u00a0was in the process of taking steps to dismantle a Russian botnet responsible for infecting tens of thousands of computers to facilitate criminal activities. The Kelihos botnet, announced by Acting Assistant Attorney General Kenneth A. Blanco, was responsible for, “distributing hundreds of millions of fraudulent e-mails per year, intercepting the credentials to online and financial accounts belonging to thousands of Americans, and spreading ransomware throughout our networks.” The FBI announced that it had, as of April 8, 2017, begun what\u00a0FBI Special Agent in Charge Marlin Ritzman described as the “extraordinary task” of blocking malicious domains associated with the Kelihos botnet, preventing those domains from being accessed in the United States, and thus protecting American citizens from further harm.<\/p>\n

The Department of Justice announcement comes as, over the preceding weekend, Spanish officials arrested and detained 36-year old Russian national Peter Levashov in response to an FBI request. Levashov is suspected of being the operator of the Kelihos botnet, who works under\u00a0the alias Peter Severa.\u00a0Levashov has been indicted in the U.S. twice previously on computer crime-related charges, and is number 6 on the list of the World’s Ten Worst Spammers, a list maintained by the anti-spam organization Spamhaus.<\/p>\n

The arrest is the result of years of concerted effort by U.S. agents, who had been monitoring Levashov since at least 2006. When Levashov took a vacation to Barcelona, the FBI\u00a0saw an opportunity, contacting the Spanish police, who entered Levashov’s hotel on Friday, April 7, and made the arrest.<\/p>\n

Levashov, according to the complaint, had gained unauthorized access to\u00a0a network of over 100,000 computers, and used those computers to engage in the lucrative practice of spam campaigns. According to a New York Times report<\/a>,\u00a0the cost of a\u00a0Kelihos\u00a0spam campaign “ranged from $200 to $500 per one million email messages, … [and] Mr. Levashov charged more to target American computers, an indication that these were a higher priority.”<\/p>\n

Mr. Levashov also used his spam campaigns for political purposes, though he is not accused of having any involvement in the plot to influence the 2016 U.S. Presidential election. In 2012, Levashov’s botnet sent emails intended to discredit the leading challenger to Russian President Vladimir Putin ahead of that year’s Russian federal election. The emails contained links to fake news stories which alleged that the challenger, businessman Mikhail Prokhorov, had come out as gay.<\/p>\n

The civil complaint can be found here:\u00a0https:\/\/www.justice.gov\/opa\/press-release\/file\/956506\/download<\/a><\/p>\n

The press release announcing the actions against the Kelihos botnet can be found here:\u00a0https:\/\/www.justice.gov\/opa\/press-release\/file\/956506\/download<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

On April 10, 2017, the U.S. Department of Justice announced that the U.S. government\u00a0was in the process of taking steps to dismantle a Russian botnet responsible for infecting tens of thousands of computers to facilitate criminal activities. The Kelihos botnet, announced by Acting Assistant Attorney General Kenneth A. Blanco, was responsible for, “distributing hundreds of […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[11],"tags":[],"class_list":{"0":"post-107","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-transnational-organized-crime-cybercrime-narcotics","7":"entry"},"yoast_head":"\nU.S. Takes Down Russian Botnet after Operator Arrested in Spain | IELR Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/ielrblog.com\/index.php\/2017\/04\/11\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"U.S. Takes Down Russian Botnet after Operator Arrested in Spain | IELR Blog\" \/>\n<meta property=\"og:description\" content=\"On April 10, 2017, the U.S. Department of Justice announced that the U.S. government\u00a0was in the process of taking steps to dismantle a Russian botnet responsible for infecting tens of thousands of computers to facilitate criminal activities. The Kelihos botnet, announced by Acting Assistant Attorney General Kenneth A. Blanco, was responsible for, “distributing hundreds of […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/ielrblog.com\/index.php\/2017\/04\/11\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\/\" \/>\n<meta property=\"og:site_name\" content=\"IELR Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/m.facebook.com\/intlenforcementlawreporter\/?ref=bookmarks\" \/>\n<meta property=\"article:published_time\" content=\"2017-04-11T15:01:43+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2017-08-15T19:52:33+00:00\" \/>\n<meta name=\"author\" content=\"Jacob Rasch\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ielr\" \/>\n<meta name=\"twitter:site\" content=\"@ielr\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jacob Rasch\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/ielrblog.com\\\/index.php\\\/2017\\\/04\\\/11\\\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/ielrblog.com\\\/index.php\\\/2017\\\/04\\\/11\\\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\\\/\"},\"author\":{\"name\":\"Jacob Rasch\",\"@id\":\"https:\\\/\\\/ielrblog.com\\\/#\\\/schema\\\/person\\\/0871f6c4c0024c3e4605acd020748f94\"},\"headline\":\"U.S. Takes Down Russian Botnet after Operator Arrested in Spain\",\"datePublished\":\"2017-04-11T15:01:43+00:00\",\"dateModified\":\"2017-08-15T19:52:33+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/ielrblog.com\\\/index.php\\\/2017\\\/04\\\/11\\\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\\\/\"},\"wordCount\":448,\"commentCount\":0,\"articleSection\":[\"Transnat'l Organized Crime, Cybercrime, Narcotics\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/ielrblog.com\\\/index.php\\\/2017\\\/04\\\/11\\\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/ielrblog.com\\\/index.php\\\/2017\\\/04\\\/11\\\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\\\/\",\"url\":\"https:\\\/\\\/ielrblog.com\\\/index.php\\\/2017\\\/04\\\/11\\\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\\\/\",\"name\":\"U.S. Takes Down Russian Botnet after Operator Arrested in Spain | IELR Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/ielrblog.com\\\/#website\"},\"datePublished\":\"2017-04-11T15:01:43+00:00\",\"dateModified\":\"2017-08-15T19:52:33+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/ielrblog.com\\\/#\\\/schema\\\/person\\\/0871f6c4c0024c3e4605acd020748f94\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/ielrblog.com\\\/index.php\\\/2017\\\/04\\\/11\\\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/ielrblog.com\\\/index.php\\\/2017\\\/04\\\/11\\\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/ielrblog.com\\\/index.php\\\/2017\\\/04\\\/11\\\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/ielrblog.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"U.S. Takes Down Russian Botnet after Operator Arrested in Spain\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/ielrblog.com\\\/#website\",\"url\":\"https:\\\/\\\/ielrblog.com\\\/\",\"name\":\"IELR Blog\",\"description\":\"Official Blog of the International Enforcement Law Reporter\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/ielrblog.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/ielrblog.com\\\/#\\\/schema\\\/person\\\/0871f6c4c0024c3e4605acd020748f94\",\"name\":\"Jacob Rasch\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7583e09591e4a1633dff00aab971657cff2e3287ee2c50f797448fb0096fac41?s=96&d=monsterid&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7583e09591e4a1633dff00aab971657cff2e3287ee2c50f797448fb0096fac41?s=96&d=monsterid&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7583e09591e4a1633dff00aab971657cff2e3287ee2c50f797448fb0096fac41?s=96&d=monsterid&r=g\",\"caption\":\"Jacob Rasch\"},\"sameAs\":[\"http:\\\/\\\/ielrblog.com\"],\"url\":\"https:\\\/\\\/ielrblog.com\\\/index.php\\\/author\\\/jacob-rasch\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"U.S. Takes Down Russian Botnet after Operator Arrested in Spain | IELR Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/ielrblog.com\/index.php\/2017\/04\/11\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\/","og_locale":"en_US","og_type":"article","og_title":"U.S. Takes Down Russian Botnet after Operator Arrested in Spain | IELR Blog","og_description":"On April 10, 2017, the U.S. Department of Justice announced that the U.S. government\u00a0was in the process of taking steps to dismantle a Russian botnet responsible for infecting tens of thousands of computers to facilitate criminal activities. The Kelihos botnet, announced by Acting Assistant Attorney General Kenneth A. Blanco, was responsible for, “distributing hundreds of […]","og_url":"https:\/\/ielrblog.com\/index.php\/2017\/04\/11\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\/","og_site_name":"IELR Blog","article_publisher":"https:\/\/m.facebook.com\/intlenforcementlawreporter\/?ref=bookmarks","article_published_time":"2017-04-11T15:01:43+00:00","article_modified_time":"2017-08-15T19:52:33+00:00","author":"Jacob Rasch","twitter_card":"summary_large_image","twitter_creator":"@ielr","twitter_site":"@ielr","twitter_misc":{"Written by":"Jacob Rasch","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/ielrblog.com\/index.php\/2017\/04\/11\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\/#article","isPartOf":{"@id":"https:\/\/ielrblog.com\/index.php\/2017\/04\/11\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\/"},"author":{"name":"Jacob Rasch","@id":"https:\/\/ielrblog.com\/#\/schema\/person\/0871f6c4c0024c3e4605acd020748f94"},"headline":"U.S. Takes Down Russian Botnet after Operator Arrested in Spain","datePublished":"2017-04-11T15:01:43+00:00","dateModified":"2017-08-15T19:52:33+00:00","mainEntityOfPage":{"@id":"https:\/\/ielrblog.com\/index.php\/2017\/04\/11\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\/"},"wordCount":448,"commentCount":0,"articleSection":["Transnat'l Organized Crime, Cybercrime, Narcotics"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/ielrblog.com\/index.php\/2017\/04\/11\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/ielrblog.com\/index.php\/2017\/04\/11\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\/","url":"https:\/\/ielrblog.com\/index.php\/2017\/04\/11\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\/","name":"U.S. Takes Down Russian Botnet after Operator Arrested in Spain | IELR Blog","isPartOf":{"@id":"https:\/\/ielrblog.com\/#website"},"datePublished":"2017-04-11T15:01:43+00:00","dateModified":"2017-08-15T19:52:33+00:00","author":{"@id":"https:\/\/ielrblog.com\/#\/schema\/person\/0871f6c4c0024c3e4605acd020748f94"},"breadcrumb":{"@id":"https:\/\/ielrblog.com\/index.php\/2017\/04\/11\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/ielrblog.com\/index.php\/2017\/04\/11\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/ielrblog.com\/index.php\/2017\/04\/11\/u-s-takes-down-russian-botnet-after-operator-arrested-in-spain\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/ielrblog.com\/"},{"@type":"ListItem","position":2,"name":"U.S. Takes Down Russian Botnet after Operator Arrested in Spain"}]},{"@type":"WebSite","@id":"https:\/\/ielrblog.com\/#website","url":"https:\/\/ielrblog.com\/","name":"IELR Blog","description":"Official Blog of the International Enforcement Law Reporter","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/ielrblog.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/ielrblog.com\/#\/schema\/person\/0871f6c4c0024c3e4605acd020748f94","name":"Jacob Rasch","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/7583e09591e4a1633dff00aab971657cff2e3287ee2c50f797448fb0096fac41?s=96&d=monsterid&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/7583e09591e4a1633dff00aab971657cff2e3287ee2c50f797448fb0096fac41?s=96&d=monsterid&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7583e09591e4a1633dff00aab971657cff2e3287ee2c50f797448fb0096fac41?s=96&d=monsterid&r=g","caption":"Jacob Rasch"},"sameAs":["http:\/\/ielrblog.com"],"url":"https:\/\/ielrblog.com\/index.php\/author\/jacob-rasch\/"}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pas6ng-1J","jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/ielrblog.com\/index.php\/wp-json\/wp\/v2\/posts\/107","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ielrblog.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ielrblog.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ielrblog.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/ielrblog.com\/index.php\/wp-json\/wp\/v2\/comments?post=107"}],"version-history":[{"count":3,"href":"https:\/\/ielrblog.com\/index.php\/wp-json\/wp\/v2\/posts\/107\/revisions"}],"predecessor-version":[{"id":112,"href":"https:\/\/ielrblog.com\/index.php\/wp-json\/wp\/v2\/posts\/107\/revisions\/112"}],"wp:attachment":[{"href":"https:\/\/ielrblog.com\/index.php\/wp-json\/wp\/v2\/media?parent=107"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ielrblog.com\/index.php\/wp-json\/wp\/v2\/categories?post=107"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ielrblog.com\/index.php\/wp-json\/wp\/v2\/tags?post=107"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}