DoJ announced that an Estonian national pleaded guilty today in the District of Alaska to two counts of computer fraud and abuse.
According to court documents, Pavel Tsurkan, 33, operated a criminal proxy botnet by remotely accessing and compromising more than 1,000 computer devices and internet routers worldwide, including at least 60 victims in Alaska. He used the victims devices to build and operate an Internet of Things (IoT)-based botnet dubbed the ‘Russian2015’ using the domain Russian2015.ru. He modified the operation of each compromised internet router so it could be used as a proxy to transmit third-party internet traffic without the owners knowledge or consent. He then sold access to global cybercriminals who channeled their traffic through the victims home routers, using the victims devices to engage in spam campaigns and other criminal activity. The Alaska victims experienced significant data overages even when there were no home computers connected to the victims home networks. The data overages resulted in hundreds to thousands of dollars per victim. (Source: U.S. Department of Justice)