A Russian man who installed and exploited malware on more than 10,000 computer servers to generate millions of dollars in fraudulent payments pleaded guilty in US federal court on Tuesday.
Maxim Senakh, 41, of Velikii Novgorod, Russia, pleaded guilty in US federal court for his role in the development and maintenance of the infamous Linux botnet known as “Ebury”.
Senakh was detained on Jan. 13, 2015, and was subsequently arrested by Finnish authorities, who extradited him to the United States in January 2016.
First spotted in 2011, Ebury is an SSH backdoor Trojan that steals OpenSSH credentials and maintains access to the compromised server. It infected more than 500,000 computers and 25,000 servers in a worldwide campaign called “Operation Windigo”.
Ebury first came into the news in 2011 after Donald Ryan Austin of El Portal, Florida, installed Ebury malware on multiple servers owned by Kernel.org and the Linux Foundation.
Kernel.org and the Linux Foundation help in the maintenance and distribution of systems.
Austin was arrested last year in September and charged with four counts of “intentional transmission causing damage to a protected computer.”
The Ebury botnet compromised Linux systems and formed them into networks of botnets, which had the capacity to send over 35 million spam messages and redirect more than 500,000 Web visitors to the compromised website.
Senakh admitted that he supported the criminal enterprise by creating accounts that helped build the Ebury malware botnet, and that he profited from traffic generated by the botnet. Senakh's sentencing is set for August 3, 2017.
According to the US federal court, “Senakh and his co-worker created and operated the botnet compromising and infecting more than 10,000 servers throughout the world, including thousands in the United States”. “Senakh and his co-worker used the botnet to generate millions of traffic, which fraudulently generated millions of dollars in revenue by various click-fraud and spam email schemes”.
Senakh faces up to a combined 30 years in prison.