Pierluigi Paganini April 10, 2017

Spanish law enforcement arrested in Barcellona the Russian hacker Pyotr Levashov who is suspected of being involved in attacks on 2016 US Election.

Spanish law enforcement arrested in Barcelona the Russian hacker and alleged spam kingpin Pyotr Levashov (36). The man is suspected of being involved in hacking attacks against entities linked to the 2016 US Presidential Election.

The Russian embassy in Madrid confirmed the arrest of the suspect by did not disclose the reason for the arrest.

“Russian television station RT reported that Levashov was arrested under a U.S. international arrest warrant and was suspected of being involved in hacking attacks linked to alleged interference in last year’s U.S. election.” reported the Reuters Agency.

“Peter Carr, a spokesman for the U.S. Justice Department’s criminal division, said: “The U.S. case remains under seal, so we have no information to provide at this time.”

A U.S. Department of Justice official told the Reuters that the man was suspected of cyber crime and not of state-sponsored hacking.

Pyotr Levashov was detained by the Spanish police in Barcelona after the US authorities issued an international arrest warrant for the arrest of the Russian hacker.

The arrest of Levashov is the second one made by the Spanish police related to hackers suspected of being involved in the attacks against the US 2016 election. In January, the police

Early this year, the Spanish police arrested the hacker Stanislav Lisov (32) on suspicion of creating and distributing the dreaded NeverQuest Banking Trojan. The authorities believe it was also involved in the attacks against the US Presidential Election.

The Neverquest banking trojan, aka Vawtrak, is very popular in the criminal underground.It has been around for several years and was used to target of hundreds of financial institutions worldwide.

One of the last variants discovered in summer 2016 was spotted by experts from Fidelis firm. The new version of the Neverquest malware included significant improvements such as the SSL pinning and leverages on a DGA mechanism to generates .ru domains with a pseudorandom number generator (PRNG) discovered in the loader.

The US authorities are going to request the extradition of both hackers arrested in Spain to the United State.

Security experts linked Levashov to Peter Severa (aka Peter Levashov) one of the Top 10 Worst Spammers in the world.

The US government has repeatedly accused the Kremlin of hacking Democratic party in order to influence the final result of the election.

Update -April 12th, 2017

“Over the past several days, many Western news media outlets have predictably devoured thinly-sourced reporting from a Russian publication that the arrest last week of a Russian spam kingpin in Spain was related to hacking attacks linked to last year’s U.S. election. While there is scant evidence that the spammer’s arrest had anything to do with the election, the success of that narrative is a sterling example of how the Kremlin’s propaganda machine is adept at manufacturing fake news, undermining public trust in the media, and distracting attention away from the real story.” Wrote Brian Krebs explaining that the guy is not involved in the DNC hack.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – DNC,Russian hacker)