Ukraine Police Cuff Botnet Herder Who Controlled 100K Machines
Ukrainian law enforcement has reportedly arrested a suspected botnet herder who the government believes was responsible for controlling an automated network of roughly 100,000 compromised machines. The machines were used to launch spam campaigns and DDoS attacks, scan websites for vulnerabilities to exploit, and brute-force users’ email passwords. The individual was found to have communicated with customers of his services on encrypted platforms such as Telegram and on private underground forums. The suspect received payment for his services via channels banned in Ukraine, such as WebMoney.
The individual registered his real address with WebMoney, which eventually led to his arrest. He faces charges relating to the creation, distribution, and sale of malicious software or hardware, and to interference with the work of computers, automated systems, and computer or telecoms networks. Police have seized equipment at the property. Ukrainian law enforcement officers have been able to locate and take down several threat actors in recent years, notably suspected members of the Egregor ransomware group and the Clop ransomware gang, both arrested in the country last year.