Security Experts:

Connect with us

Hi, what are you looking for?



Kelihos Botnet Author Pleads Guilty in U.S. Court

Peter Yuryevich Levashov, a 38-year-old Russian national accused of operating the notorious Kelihos botnet, pleaded guilty on Wednesday to computer crime, fraud, conspiracy and identity theft charges.

Peter Yuryevich Levashov, a 38-year-old Russian national accused of operating the notorious Kelihos botnet, pleaded guilty on Wednesday to computer crime, fraud, conspiracy and identity theft charges.

Levashov, aka “Petr Levashov,” “Peter Severa,” “Petr Severa” and “Sergey Astakhov,” is said to have operated several botnets between the late 1990s and April 2017, when he was arrested.

The Storm and Waledac botnets, which share source code with Kelihos, have also been attributed to Levashov. Levashov’s malware had infected hundreds of thousands of computers, allowing him and other cybercriminals who rented the botnets to send spam and steal valuable information from compromised devices. Authorities said the man also took part in operating various cybercrime forums.

The Kelihos, Storm and Waledac botnets reportedly generated hundreds of millions of dollars for cybercriminals. Data leaked in 2010 after hackers broke into the systems of a pharmacy spam program showed that Levashov had made nearly $600,000 from these types of activities over a 3-year period.

Spamhaus’ entry on Levashov in its Register of Known Spam Operations (ROKSO) describes the Russian as “one of the longest operating criminal spam-lords on the internet.”

Levashov was indicted in the United States on April 20, just days after his arrest in Spain and action taken by authorities to dismantle the Kelihos botnet. He was extradited to the United States in February.

Levashov on Wednesday pleaded guilty in U.S. District Court in Hartford, Connecticut, to one count of causing intentional damage to a protected computer, one count of conspiracy, one count of aggravated identity theft, and one count of wire fraud.

His sentencing has been scheduled for September 6, 2019, and he will remain in custody until then. It’s unclear why the judge scheduled sentencing for one year from now, but it could indicate that Levashov is working with law enforcement agencies on dismantling other cybercrime operations.

“For years, Mr. Levashov lived quite comfortably while his criminal behavior disrupted the lives of thousands of computer users,” said U.S. Attorney John H. Durham of the District of Connecticut. “Thanks to the collaborative work of the FBI and our partners in law enforcement, private industry and academia, a prolific cybercriminal has been neutralized, and has now admitted his guilt in a U.S. courtroom.”

Related: Russian Pleads Guilty to Role in Linux Botnet Scheme

Related: Citadel Botnet Author Pleads Guilty

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...


US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...


The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.


CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.