The Hacker Hunters Chasing Rus­sian Shad­ows

U.S. in­ves­ti­ga­tors are step­ping up the fight against Rus­sian cy­ber­crim­i­nals. But are they go­ing af­ter the right guys?

The Moscow Times - - LIVING HERE - By Howard Amos news­re­porter@ime­ | Illustration by Bo­je­moi

It was the mid­dle of the night when a group of Span­ish po­lice came crash­ing into the Levashovs’ va­ca­tion apart­ment in Barcelona. “They broke the door down… and forced us onto the floor in front of our four-year-old child,” Mariya Levashova told the Krem­lin-con­trolled RT tele­vi­sion net­work in an in­ter­view given shortly af­ter­ward.

Mariya’s hus­band, Py­otr Levashov, is now in a Span­ish prison fac­ing ex­tra­di­tion to the United States on hack­ing charges. The U.S. main­tains he is a spam­ming king­pin liv­ing a lux­u­ri­ous life in St. Peters­burg. But Levashova says her hus­band is just an av­er­age com­puter pro­gram­mer.

For many years, the U.S. has hunted Rus­sian hack­ers ac­cused of com­mit­ting cy­ber crimes, tar­get­ing them with ex­tra­di­tion re­quests when they leave the rel­a­tively safe con­fines of the for­mer Soviet Union. But the game of cat and mouse took on a dif­fer­ent di­men­sion fol­low­ing al­leged Rus­sian in­ter­fer­ence in the 2016 U.S. pres­i­den­tial elec­tion. The ar­rest of Levashov in April and at least two other sim­i­lar cases ap­pear to be the re­sult of a stepped-up ef­fort by U.S. law en­force­ment.

Rus­sian of­fi­cials have re­peat­edly de­nied charges of med­dling, and ac­cuse U.S. author­i­ties of kid­nap­ping its cit­i­zens. In at least one in­stance, Rus­sia has filed a counter-ex­tra­di­tion re­quest in a bid to nul­lify a move by the U.S.

The stakes of the hunt are high. Rus­sian hack­ers who the U.S. suc­ceeds in ex­tra­dit­ing can ex­pect long prison sen­tences if found guilty. Ear­lier this year, a Seat­tle court con­victed Ro­man Seleznev, a Rus­sian hacker, and son of a Duma deputy, to 27 years in prison. He was handed over to the U.S. by po­lice while on hol­i­day in the Mal­dives.

In a state­ment read out by his lawyer af­ter the trial, 32-year old Seleznev, who has health prob­lems, said he had been handed the equiv­a­lent of a “death sen­tence.”

The hunters

One of the key chal­lenges for U.S. in­ves­ti­ga­tors is link­ing a hacker’s dig­i­tal foot­prints to a real per­son — and then prov­ing the con­nec­tion. Cy­ber-crim­i­nals of­ten use dozens of on­line nick­names to throw in­ves­ti­ga­tors off the trail. Ac­cord­ing to the U.S. magazine Wired, Levashov was caught when he com­mit­ted a ba­sic er­ror: he used the same cre­den­tials to log into his crim­i­nal ven­tures as he did to or­di­nary sites and ap­pli­ca­tions like iTunes.

An­other chal­lenge po­lice face is co­or­di­nat­ing sprawl­ing in­ves­ti­ga­tions, which can in­volve crim­i­nals all over the world. Cy­ber-crooks work in closely-knit on­line units, and not nec­es­sar­ily in the same coun­try. Such groups in­volve tech­ni­cal spe­cial­ists and man­agers, as well as mules re­spon­si­ble for cash­ing-out af­ter suc­cess­ful cy­ber-heists. In De­cem­ber, the FBI was one of 30 law en­force­ment bod­ies in­volved in the world’s largest ever cy­ber-take­down, de­stroy­ing an on­line crime plat­form known as Avalanche. At the end of the four-year in­ves­ti­ga­tion, po­lice car­ried out 5 ar­rests, seized 39 web servers and re­moved more than 830,000 web do­mains.

At the same time as Levashov’s ar­rest in Spain in April, U.S. agents were work­ing to dis­man­tle the Keli­hos bot­net, a global net­work of in­fected com­put­ers. Keli­hos was re­port­edly used to har­vest lo­gin in­for­ma­tion, blast out mil­lions of spam mes­sages, im­plant mal­ware and ar­ti­fi­cially el­e­vate the price of cer­tain stocks (so-called pump and dump schemes). The U.S. Depart­ment of Jus­tice says Levashov had been run­ning Keli­hos since 2010.

Newspapers in English

Newspapers from Russia

© PressReader. All rights reserved.