According to the indictment, he’s “one of the most notorious spammers in the world.” The Russian Piotr ‘Severa’ Levashov, who has been arrested in a joint action by the Spanish and American authorities while on holiday in Barcelona, made a mistake that could end up being very costly: he used the same credentials for his criminal activities and tools as he did for his everyday accounts like iTunes.
It is believed that Levashov, now that he’s out of the fray, was responsible for the long-lived and dangerous botnet Kelihos, which infected more than 100,000 computers worldwide and used them to send massive amounts of spam, stealing access credentials to banking accounts and disseminating malware all over the internet.
Apparently, this Russian cybercriminal was also behind the Waledac botnet and the Storm malware, predecessors of the infamous Kelihos, whose services were marketed on obscure internet forums. Starting at 200 euros for a million spam emails to promote some product of dubious legality (adult content websites, cheap mortgages, replicas – or rather falsifications – of products, etc.), and going up to 500 euros to disseminate malware, phishing campaigns, and fraudulent emails. For 300 euros, a million emails could be sent to recruit ‘mules’ to launder money.
Despite the alleged Russian cybercriminal’s deplorable resume, the welcome news of his detention has been tarnished by the spread of what appears to be an unfounded rumor, which authorities have already discredited. The news organization that first unveiled the success of the joint operation to arrest Levashov, RT (formerly Russia Today), linked the criminal’s arrest with Russian attempts to influence the 2016 elections that gave Donald Trump the presidency of the United States.
Numerous publications around the world took the information at face value and replicated it, perhaps getting carried away by precedents such as that of Evgeniy Bogachev, the most wanted cybercriminal by the FBI, whose relationship with Russian intelligence is widely taken as fact.
In addition to being the brains behind the infamous GameOver Zeus botnet, Bogachev is suspected of making his botnet of over a million computers worldwide available to Kremlin spies. His botnet allegedly collected data of all kinds (photographs, documents, confidential corporate information, etc.) for the purposes of Russian espionage. Among other things, this data may have been used to identify targets during the Russian invasion of Crimea in 2014.
The case of Levashov, however, appears to be different, as no relationship has been established between his criminal activity (a true empire of spam) and the Russian cyberattacks that have been connected to last year’s US elections.