CONFERENCE Cyber AI & Automation Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Neverquest Trojan Operator Pleads Guilty

A Russian national has admitted in court to using the Neverquest Trojan to infect computers and steal their information for financial gain, the United States Department of Justice (DoJ) says. 

A Russian national has admitted in court to using the Neverquest Trojan to infect computers and steal their information for financial gain, the United States Department of Justice (DoJ) says. 

The man, Stanislav Vitaliyevich Lisov, 33, also known as “Black” and “Blackf,” was arrested in Spain on January 13, 2017, around the same time when the Trojan’s activity ceased. Lisov was extradited to the United States in January 2018.

On Friday, the DoJ announced that Lisov pleaded guilty to “conspiring to deploy and use a type of malicious software known as Neverquest to infect the computers of unwitting victims, steal their login information for online banking accounts, and use that information to steal money out of the victims’ accounts.”

Several years ago, Neverquest was one of the most active banking Trojans out there, causing significant damages in stolen funds. According to the DoJ, the malware “has been responsible for millions of dollars’ worth of attempts by hackers to steal money out of victims’ bank accounts.”

Neverquest was being spread via social media websites, phishing emails, and file transfers. Once installed, the malware would identify when the victim attempted to log onto an online banking website, intercept their login credentials, including username and password, and send the information to the command and control (C&C) server. 

The threat provided operators with the possibility to remotely control the victim’s computer, log into their online banking or other financial accounts, transfer money, change the login information, write online checks, and buy goods from online vendors.

According to documents presented in court, between June 2012 and January 2015, Lisov was responsible for creating and administrating a botnet of Neverquest-infected machines. 

He also maintained infrastructure for this criminal enterprise (such as renting and paying for servers used for botnet management), personally harvested login information from unwitting victims, and discussed trafficking in stolen login information and personally identifiable information of victims.

Advertisement. Scroll to continue reading.

Lisov pled guilty to one count of conspiracy to commit computer hacking, which carries a maximum sentence of five years in prison. His sentencing is scheduled for June 27, 2019. 

Related: Malware Creator Admits to Building and Selling LuminosityLink RAT

Related: Neverquest Trojan Ceases Operations

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.