Earlier this week, we reported that 24-year-old alleged hacker Hamza Bendelladj was arrested by police in Thailand. As it turns out, the man might be one of the ZeuS botmasters named by Microsoft in the lawsuit the company filed last year.
Brian Krebs, who has been actively monitoring the cybercriminal underground, Bendelladj fits the profile of “bx1,” suspected of being a major operator of ZeuS-powered botnets.
As he points out, Microsoft’s complaint
submitted to the U.S. District Court for the Eastern District of Virginia does contain email addresses that appear to be linked to the man, including firstname.lastname@example.org, and email@example.com.
The former email address was used by a hacker who contacted Krebs back in 2011. Furthermore, the universityofsutton.com domain appears to be registered to one Daniel Delcore.
An interesting theory is that Bendelladj might have been involved in the arrest of another notorious cybercriminal called Symlink, detained last year in Moldova.
Recently, hackers boasted about hacking into the computer of bx1, stealing a number of files, including identity documents bearing the name of Hamza Daniel Bendelladj. The Algerian’s arrest might be a result of a payback operation orchestrated by Symlink’s friends.