Botnet herder / spam kingpin arrested

Via Krebs on Security, a russian named Pyotr Levashov has been arrested in Spain. According to news reports (NY Times, Reuters) the arrest happened in response to a warrant issued by the US, but no details were given as to what he was being charged with. The DoJ says the case is currently under seal and will not comment on charges.
There is widespread agreement that this person is involved in major spamming operations. He’s one of Spamhaus’ Top 10 spammers (ROKSO listing). He’s been implicated in fraud during the 2012 elections in Russia. Some reports are speculating that he was involved in the hacking of the 2016 elections here in the US, but there’s no current evidence that’s true.
 
 

Related Posts

Anti-Botnet Code of Conduct Published

The Communications Security, Reliability and Interoperability Council (CSRIC) published a Anti-botnet code of conduct for ISPs. This is a purely voluntary code for U.S. ISPs that want to mitigate the botnet threat to follow. You can download a full copy of the final report from the MAAWG website. The FCC has published a fact sheet about the report on their own website.

Read More

Port25 blocking

biohazardmailA number of hosting providers are blocking outgoing port25. This has implications for a lot of smaller senders who either want to run their own mail server or who use SMTP to send mail to their ESP.

Read More

Whirlwind that is M3AAWG

It’s been a great conference, and it’s only about half done. As is common at these conferences, I write down lots of things we should do and need to publish. The difference is now that we are growing I may have the time to put the polish on them and get them published.
Today’s keynote discussed the economics of botnet mitigation. Michel van Eeten from Delft University of Technology presented information compiled from some different datasets about botnets.
Good news
Botnet infection rates are relatively stable. They’ve not spiraled out of control like some people were predicting.
Interesting news
More than 50% of bot infections are contained on 50 ISPs in the entire world.
Bad news
Centers set up specifically to fix botnet infections don’t really have a big impact on infection cure rate.
Good news
ISP actions and walled gardens do have an impact on infection cure rates.
The biggest take away from the session is that ISPs are critical in both protecting from infection and helping users cure infection once it happens.

Read More