Feds pursue Russian, 23, behind ⅓ of ALL WORLD SPAM

Badges pursue bot cowboy who mustered huge Mega-D herd

FBI investigators have named a 23-year-old Russian as a prime suspect behind the operation of the infamous 500,000 Mega-D botnet, blamed for an estimated one in three spam emails prior to a take-down operation early last year.

Oleg Nikolaenko, a 23-year-old Moscow resident, was accused of violating US anti-spam and fraud laws in sworn testimony by an FBI agent investigating the case, the Smoking Gun reports.

Webmail records from two Gmail accounts and financial transactions (via the ePassporte service) link Nikolaenko to the operation of the botnet, according to court papers submitted in a grand jury investigation.

The Mega-D zombie network was infamous as a prolific source of counterfeit prescription, herbal remedy and fake Rolex spam. A January 2009 takedown operation mounted by security firm FireEye hit Mega-D very hard, drastically affecting spam output, which has returned but never to the same noxious levels.

Nikolaenko is the first suspect to be named in the Mega-D botnet investigation, and not much is known about him aside from a short entry on Nikolaenko in Spamhaus's ROKSO database of the world's most prolific spammers, which can be found here.

The Russian constitution specifically prohibits extradition of its citizens. Nikolaenko previously visited the US voluntarily twice last year but he's unlikely to return once he gets wind that the feds are on his case.

Up until recently Russia was considered something of a safe haven for cybercrooks, who were left alone by the authorities provided that only non-Russians were targeted and (it's rumoured) bribes were paid to local politicians and corrupt police. Some of these blackhats may have provided a conveniently deniable source for the cyberattacks against Georgia that accompanied armed hostilities between the two countries back in 2008.

More recently attitudes have changed, as those at the top of Russia's political leadership have begun to see cybercrooks as an obstacle to making the country less economically reliant on its natural energy reserves by expanding its IT sector. However, local attitudes remain inconsistent and it is difficult to predict whether or not Nikolaenko will be questioned over any offence, much less charged.

Security blogger and ex-Washington Post reporter Brian Krebs noted earlier this week that the suspected operator of a large underground carding forum has expanded his business over the last four years, after being publicly outed as a significant cybercrime operator by the New York Times back in 2006. Sergey Kozerev, originally from St Petersburg, still runs a "bustling marketplace for purloined financial data", Krebs reports. ®