Russian national sentenced to 48 months in prison for helping Kelihos Botnet to evade detection

Pierluigi Paganini December 12, 2021

A United States court has sentenced to four years in prison for the Russian citizen Oleg Koshkin for his role in Kelihos Botnet development.

Oleg Koshkin (41) has been sentenced to 48 months in prison for one count of conspiracy to commit computer fraud and abuse and one count of computer fraud and abuse.

Russian national Oleg Koshkin was convicted in January for charges related to the operation of a malware crypting service used by the Kelihos botnet to obfuscate malware and evade detection.

“A Russian national was sentenced today to 48 months in prison for operating a “crypting” service used to conceal the Kelihos malware from antivirus software, which enabled hackers to systematically infect approximately hundreds of thousands of victim computers around the world with malicious software, including ransomware.” reads the press release published by DoJ.

“According to court documents, Oleg Koshkin, 41, was convicted by a federal jury on June 15 of one count of conspiracy to commit computer fraud and abuse and one count of computer fraud and abuse.”

Koshkin operated the webservices “Crypt4U.com,” “fud.bz” and others that allowed their customers to render their malicious payloads undetectable by most of the antivirus engines.

He has been in custody since 2019, when he was arrested in California.

According to court documents, Koshkin supported his co-defendant, Pavel Tsurkan, who is the author of the Kelihos botnet, in the development of a system that would allow to crypt the Kelihos payloads multiple times each day. Koshkin provided Levashov with a custom crypting service that was used to distribute Kelihos through multiple criminal affiliates.

Koshkin was arrested in California in September 2019, while Tsurkan was arrested in April 2017.

The Kelihos botnet was used to send out a large volume of spam messages, conduct denial of service attacks, harvest account credentials, and distribute malware. At the time the FBI dismantled the Kelihos botnet, in 2017, the malicious infrastructure was composed of at least 50,000 compromised devices around the world.

“Today’s sentencing of Oleg Koshkin serves as another example of the risk and consequences awaiting those who choose to commit cybercrimes against the American public,” said Special Agent in Charge David Sundberg of the FBI’s New Haven Division. “For years, Koshkin and his co-conspirators worked to evade our most basic cyber defenses in order to spread malware on a truly global scale. While our work to bring Koshin to justice comes to a close, the FBI will continue to tirelessly defend our country from the ever-evolving cyber threats posed by criminals, terrorists and hostile nation-states.”

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Kelihos Botnet)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment