Thursday, January 21, 13:48
Home security Russian hacker arrested by Russian authorities for targeting locals

Russian hacker arrested by Russian authorities for targeting locals

The Russian authorities arrested a creator malware in late September, causing surprise as Russia is a country that is usually lenient with them hackers. According to the Russian Interior Ministry, The accused is a 20-year-old Russian hacker from the region of North Ossetia-Alania.

Russian authorities
Russian hacker arrested by Russian authorities for targeting locals

According to the Russian authorities, the Russian hacker created a lot of malware during the period November 2017 and March 2018. These malware used them for infection of at least 2.100 computers throughout Russia.

However, according to the indictment, the malware was not used only by him. The accused worked with six other people to distribute the malware. The whole team earned more than 4,3 million Russian rubles (~ $ 55.000) thanks to this malware.

Russian authorities have not made public the name of the detainee. However, the Benoit Ancel, malware analyst at CSIS Security Group, said the accused is a Russian hacker, who is being monitored by other security investigators. His nickname is "1ms0rry".

In April 2018, Ancel and other researchers security worked together to detect 1ms0rry online businesses and malware.

Based on exhibition Ancel infected 1ms0rry with the following malware:

1ms0rry-Miner: a trojan that starts cryptocurrency mining immediately after installation on a device.

N0f1l3: an info-stealer trojan that steals data (browser passwords, cryptocurrency wallet configuration files, Filezilla FTP credentials and specifically archives from the desktop) from infected computers.

LoaderBot: a trojan that initially infects a device and then develops other malicious programs.

Russian hacker
Russian hacker arrested by Russian authorities for targeting locals

According to the French researcher, the Russian hacker 1ms0rry sold his malware to Russian speakers hacking Forums. In addition, some of them were eventually used to create even more powerful malware, such as Bumblebee (based on 1ms0rry-Miner), FelixHTTP (based on N0f1l3), EnlightenedHTTP and the very popular Evrial (which had common code with 1ms0rry malware).

The report of the researcher and his collaborators in 2018, also revealed some data for the true identity of 1ms0rry. The report said it was one talented young developer from Vladikavkaz, who had also received praise from local authorities for his involvement in the security in cyberspace.

However, the young developer did one big mistake. His malware was used to attack Russian users.

Until now, the Russian authorities have been lenient with the Russians hackers and had "turned a blind eye" to various criminal acts. This was the case, however, as long as Russian citizens and local businesses were not targeted.

In recent years, many Russian hacking groups have gone unpunished for operations carried out outside Russia. Russian authorities refuse to extradite Russian hackers despite repeated allegations by Russian authorities USA.

According to ZDNet, all the major Russian-speaking hacking forums and the dark web make it very clear in their rules that members are prohibited from attacking users in the former Soviet Union. Everyone knows that if they do not attack Russian citizens, they will be able to continue their activities without being disturbed by the authorities.

Therefore, many of the malware are designed to avoid infecting Russians users.

However, 1ms0rry either seems unaware of this rule or has deliberately chosen to ignore it for additional gain. In any case, the decision to target Russian users did not go well.


Please enter your comment!
Please enter your name here

Digital Fortress
Digital Fortress
Pursue Your Dreams & Live!


Tesla reduces the prices of the Model 3 in Europe

Tesla has reduced the prices of the Model 3 in many European markets, which reductions could be partly linked ...

iOS, Android, XBox users in the crosshairs of a new malvertising campaign

Recently a new malvertising campaign was discovered that targets users of mobile and other connected devices and uses effective ...

Microsoft: "Zero trust" protects against sophisticated hacking attacks

According to Microsoft, the techniques used by the hackers of SolarWinds, were sophisticated but common and preventable. To avoid future attacks ...

US: Twitter locks Chinese embassy account due to "dehumanization"

Twitter said it locked the account of the Chinese embassy in the United States for a tweet about its women ...

Ransomware victims pay a ransom to prevent their data from being leaked

Keeping backups is very important, especially in cases of Ransomware attacks. However, it seems that the hackers are using new methods, with ...

QAnon fans: Disappointed on social media after Biden was sworn in

Some QAnon supporters have expressed frustration at online forums and chat rooms over Joe Biden's swearing-in. Most...

COVID-19: Amazon wants to help Biden distribute the vaccines

Amazon has offered to help President Biden distribute COVID-19 vaccines. The letter from Dave Clark, vice president ...

Nitro PDF: Leaked database with 77 million user files!

Hacker leaked on January 20 a stolen database containing email addresses, names and passwords for over ...

Hackers provide free online 2 million Pixlr user files!

Hackers have leaked 2 million Pixlr user files containing information that could then be used to execute ...

Donald Trump: Thanks to Lil Wayne, not to Julian Assange!

Outgoing US President Donald Trump will award today thanks to rapper Lil Wayne in a final wave of pardon that ...