The country's Interior Ministry believes that this may be the largest botnet in the world

Jun 25, 2012 10:48 GMT

A 22-year-old Russian has been apprehended by authorities on suspicion of running a botnet, based on banking Trojans, that may very well be the largest in the world.

According to Russia’s Interior Ministry, the cybercriminal, known on the hacking scene as “Hermes” or “Arashi”, has managed to gain around 150 million rubles ($4.5 million or 3.6 million EUR).

The botnet, analyzed by Russian security firm Dr. Web, consisted of 4.5 million computers, but experts estimate that the total number of infected devices was around 6 million.

Furthermore, security researchers have reported that around 1 million malicious messages were sent out daily. On a “productive” day, as many as 100,000 new computers would become zombies in the massive botnet.

The suspect infected the victim machines with banking Trojans such as the infamous Carberp, which he used to steal login details and digital signatures that enabled him to transfer large amounts of money to shady companies.

With the aid of accomplices from Moscow, St Petersburg, Ivanovo, and the Samara and Krasnodar regions, he withdrew the money from ATMs.

He spent the money on luxury vehicles and a house in a resort, but he also invested in illegal businesses.

It should be noted that a large majority of the infected computers are located in the Russian Federation.

Authorities raided the suspect’s house and seized computers, storage units and documents that prove his involvement in the scheme.

Representatives of the Interior Ministry are optimistic that the number of thefts from bank accounts will be reduced significantly with the apprehension of the 22-year-old.

This is not the only arrest announced by Russian law enforcement. At the beginning of June, we learned that 6 individuals suspected of using Carberp to commit banking fraud were detained.