Tag Archive for: accused

Russian national accused of developing, selling malware appears in U.S. court


A Russian national accused of developing and licensing the “NLBrute” malware and selling at least 35,000 compromised logins appeared in a Florida federal court on Tuesday facing charges of conspiracy, access device fraud and computer fraud.

Dariy Pankov, also known as “dpxaker,” was arrested in the Republic of Georgia on Oct. 4, 2022 and was recently extradited to the United States, U.S. Attorney Roger B. Handberg said in a statement Wednesday. Pankov faces a maximum of 47 years in federal prison if convicted on all counts, Handberg said.

Pankov stands accused of developing NLBrute — also known as nl.exe or nlbrute.exe — and advertising it for sale on an underground forum as early as June 2016, according to an indictment unsealed this week. During that time he also sold more than 35,000 compromised login credentials for access to systems around the world, including in the United States, France, the United Kingdom, Italy and Australia. At least two of those sales were to undercover U.S. law enforcement officers, according to the indictment, and involved login credentials for two separate Florida-based law firms.

Credentials sold by Pankov were “used to facilitate a wide range of illegal activity, including ransomware attacks and tax fraud,” Handberg’s statement said.

Between August 2016 and January 2019 Pankov netted nearly $360,000 from both credential sales and offering access to NLBrute, prosecutors allege. The indictment was originally filed in April 2019 and includes notice that the government intends to take $358,437 in restitution.

Pankov’s attorney did not immediately respond to a request for comment Thursday.


Feds close case of Kremlin-connected Russian tech businessman accused of hacking non-public reports of U.S. companies


The fate of a Kremlin-connected Russian tech businessman accused of directing an $82 million hacking scheme of non-public reports of U.S. companies and then illegally trading off this information is now in the hands of a federal jury.

Attorneys made their closing arguments Friday following the two-week trial of Vladislav Klyushin in federal court in Boston’s Seaport District.

The defense argued that the case was politically motivated and built on “predetermined conclusions.” The prosecution argued that Klyushin’s trading activities had only a “one-in-a-trillion chance” of being coincidental and unconnected to the hacking.

Klyushin was a director of M-13, a Moscow, Russia-based company that, according to court documents, provided services including the “monitoring and analytics of media and social media messages” and penetration testing — a service in which a company tests for security vulnerabilities in IT infrastructure. The company claimed it was used by Russian government agencies and even by President Vladimir Putin’s office.

He was arrested while on a ski trip in Switzerland in March 2021 and then extradited to the U.S. to face four counts related to conspiracy and wire and securities fraud.

Klyushin was indicted alongside alleged co-conspirators Ivan Ermakov and Nikolai Rumiantcev on April 6, 2020. Two others, Mikhail Irzak and Igor Sladkov, have also been charged in the case. All of the alleged conspirators, excepting Klyushin, remain at large.

Ermakov, the alleged lead hacker, is a former officer in the Russian Main Intelligence Directorate (GRU) also wanted by the FBI after he and 11 others were indicted by a federal grand jury in Washington D.C. in July 2018 for allegedly interfering in the 2016 presidential election.

“What’s not in dispute is that the hackers were sophisticated, they were experts,” said Assistant U.S. Attorney Stephen Frank during the prosecution’s rebuttal, the last of the arguments heard before the jurors were given instructions by Judge Patti B. Saris.

Prosecutors allege Klyushin directed a scheme in which hackers at his company obtained quarterly and annual reports of major companies before they were made public by…


El Paso police officer accused of attempted visual recording in women’s locker room


EL PASO, Texas (El Paso Matters) — An El Paso police officer is facing felony charges for the second time in two years, with the latest charge alleging he was involved in an attempted visual recording in the women’s locker room at the police Westside Regional Command Center.

Gilberto Hilario Silva, 28, is charged with one count each of attempted invasive visual recording, indecency with a child by exposure, breach of computer security and unauthorized use or release of criminal information. The first two charges are felonies; the other two are misdemeanors or felonies, depending on circumstances.

Silva was arrested Thursday and released on bonds totaling $50,000 the same day. He did not respond to requests for comment from El Paso Matters to his phone or email address.

El Paso Matters began inquiring about Silva’s charges on Thursday, but police did not respond to requests for information. Instead, they issued a vague news release Friday evening.

The news release said that on May 1, the police Special Investigations Unit “investigated an allegation of Invasive Visual Recording that occurred in the female locker room of the Westside Regional Command Center.” 

No other details were provided. Police did not respond to questions about what led to charges of indecency with a child, breach of computer security and unauthorized use or release of criminal information.

At the time the investigation began, Silva was awaiting trial on a felony charge of assault of a pregnant person, court records show. Police did not respond to questions about whether he was on active duty and working at the regional command at the time.

The news release said he is currently on administrative leave, but police didn’t respond to questions about when the leave began. He has been an officer three years, according to the news release.

Silva was charged on March 10, 2021, with assault on a pregnant person. The felony charge was dismissed on May 31, 2022, according to court records. That was 30 days after police began the investigation into the invasive recording at the Westside Regional Command.

An indictment accused Silva of grabbing and pushing a woman he knew…


Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S. – Krebs on Security


A 36-year-old Russian man recently identified by KrebsOnSecurity as the likely proprietor of the massive RSOCKS botnet has been arrested in Bulgaria at the request of U.S. authorities. At a court hearing in Bulgaria this month, the accused hacker requested and was granted extradition to the United States, reportedly telling the judge, “America is looking for me because I have enormous information and they need it.”

A copy of the passport for Denis Kloster, as posted to his Vkontakte page in 2019.

On June 22, KrebsOnSecurity published Meet the Administrators of the RSOCKS Proxy Botnet, which identified Denis Kloster, a.k.a. Denis Emelyantsev, as the apparent owner of RSOCKS, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer.

A native of Omsk, Russia, Kloster came into focus after KrebsOnSecurity followed clues from the RSOCKS botnet master’s identity on the cybercrime forums to Kloster’s personal blog, which featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world.” Kloster’s blog even included a group photo of RSOCKS employees.

“Thanks to you, we are now developing in the field of information security and anonymity!,” Kloster’s blog enthused. “We make products that are used by thousands of people around the world, and this is very cool! And this is just the beginning!!! We don’t just work together and we’re not just friends, we’re Family.”

The Bulgarian news outlet 24Chasa.bg reports that Kloster was arrested in June at a co-working space in the southwestern ski resort town of Bansko, and that the accused asked to be handed over to the American authorities.

“I have hired a lawyer there and I want you to send me as quickly as possible to clear these baseless charges,” Kloster reportedly told the Bulgarian court this week. “I am not a criminal and I will prove it in an American court.”

Launched in 2013, RSOCKS was shut down in June 2022 as part of an international investigation into the cybercrime service. The Justice Department’s
