Russian Malware-masker convicted in US


A Russian cyber-criminal was convicted in the United States for running a malware-masking service that helped hackers systematically infect victim computers around the world with malware, including ransomware.

A federal jury in Connecticut found 41-year-old Oleg Koshkin, native of Estonia, guilty of operating a crypting business via multiple websites, including “,” and “”

Koshkin and his co-conspirators claimed on the website that they could render malicious software such as botnets, remote-access trojans, keyloggers, credential stealers and cryptocurrency miners undetectable by almost every major antivirus software. 

As per court documents. Koshkin worked with Kelihos botnet operator Peter Yuryevich Levashov (aka Sergey Astakhov aka Petr Severa) to create a system that would allow Levashov to crypt the Kelihos malware multiple times per day. 

According to a Department of Justice spokesperson, Koshkin provided Levashov with a custom, high-volume crypting service that enabled Levashov to distribute Kelihos through multiple criminal affiliates. Levashov used the Kelihos botnet to send spam, harvest account credentials, conduct denial of service attacks, and distribute ransomware and other malicious software.

The Kelihos botnet included at least 50,000 compromised computers globally when it was shut down in 2017 by the FBI following Levashov’s arrest in Barcelona. He was extradited to the United States and then pleaded guilty in 2018.

Koshkin was arrested in California in September 2019 and has been detained since his arrest. He faces a maximum penalty of 15 years in prison and is scheduled to be sentenced on September 20.

Pavel Tsurkan, Koshkin’s co-defendant, is charged with aiding and abetting Levashov in causing damage to 10 or more protected computers and also with conspiring to cause damage to 10 or more protected computers.

Acting Assistant Attorney General Nicholas McQuaid of the Justice Department’s Criminal Division stated that the verdict should serve as a warning to those who provide infrastructure to cyber-criminals. He added that the criminal Division and the law enforcement partners consider them to be just as culpable as the hackers whose crimes they enable, and that they will work tirelessly to bring justice.


Please enter your comment!
Please enter your name here