"Moldovan Charged For Operating Botnet Used to Push Ransomware"

The Department of Justice (DoJ) recently charged Moldovan national Alexander Lefterov, the owner and operator of a large-scale botnet that infected thousands of computers across the United States. Also known as Alipako, Uptime, and Alipatime, the 37-year-old man from Chisinau was indicted in December 2021 for aggravated identity theft, computer fraud, and conspiracy to commit wire fraud. The DoJ noted that Lefterov and his henchmen used malware to steal credentials from the infected devices. With the harvested login information, they also stole the victims' money by accessing their accounts on financial, payment processing, and retail platforms. According to the DoJ, the infected computers could also be accessed directly, without the owners' knowledge, through a hidden virtual network computing (hVNC) server. Direct access via the hVNC server allowed Lefterov and the conspirators to connect to their victims' online accounts using web browsers on the infected devices, which the accessed online platforms would recognize as a trusted connection. The DoJ said he also provided other cybercriminals access to the botnet via the same hVNC server, allowing them to breach victims' networks and deploy malware on them.

 

BleepingComputer reports: "Moldovan Charged For Operating Botnet Used to Push Ransomware"

Submitted by Adam Ekwall on