SAN FRANCISCO — For years Pyotr Levashov, aka Peter Severa, was known to authorities as one of the world’s most prolific spam kingpins.
Levashov, who lived in St. Petersburg, travelled freely and led a lifestyle so lavish that one fellow Russian hacker told BuzzFeed News he “would have embarrassed an oligarch.” Last week, while vacationing with his family in Barcelona, he was arrested under an international warrant at the request of the US.
Normally, the arrest of a spammer wouldn’t elicit international headlines, no matter how prolific. But over the weekend Levashov’s wife told the Russian state-owned broadcaster Russia Today that her husband’s arrest was due to his involvement in a “computer virus” which was “linked to Trump’s win.” Immediately, online forums were abuzz that one of the Fancy Bears — a group of Russian, government-linked hackers — had been caught.
Yet the arrest of Levashov, a well-known figure in cybercriminal circles, has less to do with the US government hunting down elusive members of the Russian government’s elite squad of hackers, and more to do with authorities finally cracking down on the murky underworld of Russian cybercriminals who have aided Russia’s ever-growing cyberwar in pursuit of its geopolitical goals. For years, cybersecurity researchers and US authorities have tracked the murky ties between cybercriminals and the Russian state, including how malware first developed for criminal enterprises has made its way into state-sponsored cyberattacks on Russia’s neighbors. Over the last six months, US authorities have appeared to be stepping up their efforts to arrest the cybercriminals who work with the Russian state.
“We’ve reached a boiling point with Russia. They are the closest competitor to the US when it comes to cyberespionage and cyberattacks,” said Milan Patel, managing director at the K2 cybersecurity firm, and former Chief Technology Officer of the FBI’s cyber division. “With Russia now, a lot is coming to the forefront and being made public about how they run their cyber activities.”
Last month, the US announced charges against two Russian intelligence officers and two hackers over a massive Yahoo breach. US authorities said the group hacked into Yahoo, compromising more than 500 million email accounts, in order to target the emails of just a handful of Russian journalists, opposition politicians, and government officials, for cyberespionage.
The Justice Department refused to comment to BuzzFeed News on Levashov’s arrest or on the case against him. For years Levashov has been listed among the top 10 perpetrators of spam in the world by Spamhaus, a group that tracks spammers. Cybersecurity researcher Brian Krebs has also documented how Levashov appeared to be a moderator for online communities which profited from spam, and how he served as a linchpin between virus writers and spam networks.
In 2012, Russian cybersecurity researchers Andrei Soldatov and Irina Borogan reported that Russian hacker forums believed that Peter Severa (believed to be Levashov’s online alias) had been recruited by Russia’s national security service, the FSB. The researchers wrote that Peter Severa had been attempting to recruit hackers on online forums.
The alias of Peter Severa was also named in a 2012 court filing by Microsoft, which outlined how the extensive spam network had been used to spread a host of computer viruses. One of those, the Kelihos virus, was used to spread spam during the 2012 Russian elections that pushed fake news stories about the candidate running against Russian President Vladimir Putin. Those emails included unsubstantiated allegations that Putin’s opponent, Mikhail D. Prokhorov, had come out as gay.
It is unclear how, or if, Levashov is tied to the hacks on the DNC, as his wife told Russia Today. One Russian hacker, reached by BuzzFeed News Monday, said he was doubtful Levashov had any direct connection to the hacks, but that it was possible malware developed by him had been repurposed in some form.
“They commin for everyon[e] man,” wrote the hacker, via a secure messaging app. He communicated with BuzzFeed News on condition of anonymity. “People need keep their head down.”
In previous conversations the hacker, who says he has no ties to the Russian state, has said that Russian cybercriminals are alarmed by the recent arrests among their group and believe the US is on a vendetta. He said that while Russian cybercriminals still enjoy freedom of movement and protection within Russia — as long as their actions don’t target the Russian State — they have become increasingly paranoid about travel and communication outside Russia.
Source: BuzzFeed, “This Is The Russian Hacker Detained For Maybe Helping Hack The 2016 Campaign”