Feeds

Feds pursue Russian, 23, behind ⅓ of ALL WORLD SPAM

Badges pursue bot cowboy who mustered huge Mega-D herd

Beginner's guide to SSL certificates

FBI investigators have named a 23-year-old Russian as a prime suspect behind the operation of the infamous 500,000 Mega-D botnet, blamed for an estimated one in three spam emails prior to a take-down operation early last year.

Oleg Nikolaenko, a 23-year-old Moscow resident, was accused of violating US anti-spam and fraud laws in a sworn testimony by an FBI agent investigation the case, the Smoking Gun reports.

Webmail records from two Gmail accounts and financial transactions (via the ePassporte service) link Nikolaenko to the operation of the botnet, according to court paper submitted in a grand jury investigation.

The Mega-D zombie network was infamous as a prolific source of counterfeit prescription, herbal remedy and fake Rolex spam. A January 2009 takedown operation mounted by security firm FireEye hit Mega-D very hard, drastically affecting spam output, which has returned but never to the same noxious levels.

Nikolaenko is the first suspect to be named in the Mega-D botnet investigation case and not much is known about him aside from a short entry by Nikolaenko in Spamhaus's ROKSO database of the world's most prolific spammers, which can be found here.

The Russian constitution specifically prohibits extradition of its citizens. Nikolaenko previously visited the US voluntarily twice last year but he's unlikely to return once he gets wind that the feds are on his case.

Up until recently Russia was considered something of a safe haven for cybercrooks, who were left alone by the authorities providing only non-Russians were targeted and (it's rumoured) bribes to local politicians and corrupt police were paid. Some of these blackhats may have provided a conveniently deniable source for cyberattack against Georgia that accompanied armed hostilities between the two countries back in 2008.

More recently attitudes have changed as those at the top of Russia political leadership have begun to see cybercrooks as an obstacle to making the country less economically reliant on its natural energy reserves by expanding its IT sector. However, local attitudes remain inconsistent and it is difficult to predict whether or not Nikolaenko will be questioned over any offence – much less charged.

Security blogger and ex Washington Post reporter Brian Krebs noted earlier this week that the suspected operator of a large underground carding forum has expanded his business over the last four years, after been publicly outed as a significant cybercrime operator by the New York Times back in 2006. Sergey Kozerev, originally from St Petersburg, still runs a "bustling marketplace for purloined financial data", Krebs reports. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
Ello? ello? ello?: Facebook challenger in DDoS KNOCKOUT
Gets back up again after half an hour though
SHELLSHOCKED: Fortune 1000 outfits Bash out batches of patches
CloudPassage points to 'pervasive' threat of Bash bug
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.