A Russian cybercriminal has been jailed for eight years for participating in a botnet scheme that caused at least $100 million in financial damage.
According to the US Department of Justice (DoJ), Aleksandr Brovko was an active member of "several elite, online forums designed for Russian-speaking cybercriminals to gather and exchange their criminal tools and services."
The 36-year-old, formerly of the Czech Republic, worked with other cybercriminals to scrape information gathered by botnets.
Brovko wrote scripts able to parse log data from botnet sources and then searched these data dumps to uncover personally identifiable information (PII) and account credentials.
See also: KashmirBlack botnet behind attacks on CMSs like WordPress, Joomla, Drupal, others[1]
Any account credentials logged by Brovko's code would then be verified by the Russian national -- sometimes manually -- to see if it was "worthwhile" using the accounts to conduct fraudulent transactions, prosecutors say[2]. If so, bank accounts would be pillaged by other threat actors and drained of funds.
"Brovko possessed and trafficked over 200,000 unauthorized access devices during the course of the conspiracy," the DoJ says. "These access devices consisted of either personally identifying information or financial account details."
Brovko participated in the scheme from 2007 through 2019. He has pleaded guilty to conspiracy to commit bank and wire fraud and was sentenced to eight years in prison by Senior US District Judge T.S. Ellis III.
TechRepublic: Hackers have only just wet their whistle. Expect more ransomware and data breaches in 2021[3]
As noted by The Register[4], Brovko's indictment[5] (.PDF) reveals he was retained by co-conspirator Alexander Tverdokhlebov, who was jailed for over nine years in 2017 after pleading guilty[6] to running botnets able to