Ukrainian police have arrested a hacker who controlled a botnet of 100,000 devices used to carry out DDoS attacks on behalf of paying customers.
DDoS for rent
The hacker was arrested at his home in Prykarpattia, where he allegedly used the botnet to carry out DDoS attacks or to support other malicious activities for his clients.
This activity included brute-forcing login credentials on websites, performing spamming operations and penetration testing on remote devices to locate and exploit vulnerabilities.
According to the SSU announcement, the hacker was not just using the huge power of his botnet to take down websites. He also performed penetration and reconnaissance tests to identify and exploit vulnerabilities in the targeted sites.
A press release from the Ukrainian SSU states that the hacker found customers on private forums and Telegram channels and was paid for his illegal activity through electronic payment platforms such as "Webmoney". This payment platform is subject to sanctions in Ukraine.
The hacker created an account on Webmoney with his real address, allowing the Ukrainian police to find out where he lived. At his home, police seized the computer equipment used to control the botnet, effectively shutting down the malware.
The Ukrainian hacker is now facing charges under Part 2 of Art. 361-1 of the country's Penal Code, which covers the distribution and sale of malware and interference with computers and networks.
These charges could carry harsh sentences such as several years in prison, but police must first fully evaluate the evidence stored in the confiscated systems to determine the full extent of the hacker's actions.
This arrest is part of global law enforcement operations to stop DDoS attacks that can have a far-reaching impact on businesses and infrastructure.
Source of information: bleepingcomputer.com