Stupid Mistakes Lead to Kelihos Botnet Spam Lord Arrest

Russian Pyotr Levashov spread ransomware and other malicious software through the Kelihos botnet, possibly hacked the U.S. election and probably ran the Waledac spam botnet.

In 2009, Levashov was charged with operating the notorious Storm botnet, Kelihos’ predecessor. According to anti-spam organization Spamhaus, Levashov is listed as one of the World’s 10 Worst Spammers and “one of the longest operating criminal spam-lords on the internet”.

How did he get caught? Levashov was arrested in Barcelona, Spain under a U.S. international arrest warrant. But more specifically, he made mistakes. He used the same IP address for his Kelihos botnet and his [email protected] e-mail account.

This shows us the power of hacking… One spammer caused potentially hundreds of millions of dollars of damage or more to the world’s computers, and likely extorted many millions of dollars from unsuspecting computer users, and it took years to catch him, even after repeated offenses.


“The ability of botnets such as Kelihos to be weaponised quickly for vast and varied types of harms is a dangerous and deep threat to all Americans, driving at the core of how we communicate, network, earn a living and live our everyday lives,” said acting assistant attorney general Kenneth Blanco.

“Our success in disrupting the Kelihos botnet was the result of strong co-operation between private industry experts and law enforcement, and the use of innovative legal and technical tactics,” he said.

Let’s put into perspective that law enforcement had to rely on “innovative legal and technical tactics” even after the spammer in question made two serious mistakes. He resided in a country where U.S. law enforcement could get to him and he used the same IP address for his email as his malicious activity.

Any criminal with a brain, and he obviously has a very impressive one based on the scale of his criminal enterprise, would know these mistakes are to be avoided. What this tells us is that there is little fear of law enforcement in the hacker community in general.

This is exactly the same takeaway we received when we reported that Microsoft said we need a Digital Geneva Convention. Even Microsoft, with its near-unlimited resources, feels vulnerable. The point is that hackers are working with impunity, and if they stay in areas where western law enforcement can’t reach them, like Russia, the war on hackers and ransomware will continue to be a very unsuccessful one.

That is why it’s very important to ensure your company is conducting cybersecurity training and proper Auditing & Documentation in your organization at all times.
