A Ukrainian computer hacker who was alleged to use a botnet of over 13,000 computers to steal credentials and log-in data has plead guilty.
Sergey Vovnenko, a 29-year-old malicious hacker of Ukrainian nationality had previously fought extradition to the United States. The hacker was even accused of attempting to frame a well-known cybersecurity expert Brian Krebs. However, the hacker whose aliases included “Darklife”, “Centurion” and “Flycracker” plead guilty to multiple charges, as reported by Reuters.
The charges, according to US Attorney Paul Fishman in the state of New Jersey include aggravated identity theft and conspiracy to commit wire fraud.
US Attorney Paul Fishman said:
Vovnenko commandeered thousands of computers to create a virtual army of hacked computers that he and his conspirators used to break into other networks and steal valuable information.
Vovnenko entered his guilty plea after admitting to operate a botnet swarm of over 13,000 computers infected with malware in order to gain unauthorized access to steal banking information. The hacker also used the notorious “Zeus” strain of malware in the online banking credentials’ theft where he recorded victims’ keystrokes using a key-logger program.
A resident of Naples, Italy, Vovnenko now faces a mandatory two-year prison term as a minimum for identity theft. The hacker may also face additional prison time including a fine for conspiracy. His sentencing is scheduled on May 2.
Vovnenko was detained by Italian authorities and fought extradition following a June 2014 arrest. He made his first US court appearance in October 2015.
Security researcher Brian Krebs revealed on his blog that Vovenko attempted to have heroin sent to Krebs’ Virginia home in 2013 before telling police when the drugs had arrived. The plot was foiled when Krebs tracked Vovnenko’s illicit online endeavors before alerting the police.
“Angry that I’d foiled his plan to have me arrested for drug possession,” Krebs revealed on his blog, “Fly had a local florist send a gaudy floral arrangement in the shape of a giant cross to my home, complete with a menacing message that addressed my wife and was signed, ‘Velvet Crabs.'”
Vovnenko was previously an administrator at an illicit and now-defunct online cybercrime forum called ‘thecc’ in a nod to credit card fraud.
Image credit: Flickr.