A Russian man has been imprisoned for 46 months after admitting to using the Ebury malware to create a massive botnet for fun and profit.
Maxim Senakh, 41, of Veliky Novgorod in Russia, was sentenced in Minnesota after pleading guilty to conspiracy to commit wire fraud and violating the Computer Fraud and Abuse Act. He was arrested while on a visit to Finland and extradited to the US after an indictment was filed in absentia.
Ebury is malware specifically designed to run on Linux, FreeBSD, and Solaris systems and harvest login credentials. Senakh and his associates then used them to build a botnet of infected systems made up of tens of thousands of computers. They made millions running spam campaigns and committing advertising click fraud.
"Working within a massive criminal enterprise, Maxim Senakh helped create a sophisticated infrastructure that victimized thousands of Internet users across the world," said Acting Minnesota US Attorney Gregory Brooker.
"As society becomes more reliant on computers, cybercriminals like Senakh pose a serious threat. This office, along with our law enforcement partners, are committed to detecting and prosecuting cybercriminals no matter where they reside."
Ebury shot to fame when it was used as part of the attack on the Linux Foundation and the Linux Kernel Organization's kernel.org. The man accused of that crime, Donald Ryan Austin, is currently awaiting trial on hacking charges.
"The defendant and his co-conspirators sought to turn a network of thousands of infected computers in the United States and around the world into their personal cash machines," said Acting Assistant Attorney General Kenneth Blanco.
"But cybercriminals like Mr Senakh should take heed: they are not immune from US prosecution just because they operate from afar or behind a veil of technology. We have the ability and the determination to identify them, find them, and bring them to justice."
Special Agent in Charge Richard Thornton said: "The sentence handed down today sends a strong message to international cybercriminals who mistakenly believe they can prey on the American people with impunity.
"The FBI is committed to working closely with our global law enforcement partners to investigate criminal enterprises such as this and hold those responsible to account for their crimes, wherever they may be." ®