Alexander Lefterov, a 37-year-old Moldovan national from Chisinau, has been charged by the U.S. Justice Department for his role as the owner and operator of a significant botnet that targeted thousands of computers across the United States. Referred to by aliases such as Alipako, Uptime, and Alipatime, Lefterov was indicted in December 2021 on multiple charges, including aggravated identity theft, computer fraud, and conspiracy to commit wire fraud. The indictment, unsealed recently, sheds light on the sophisticated operation orchestrated by Lefterov and his associates, who employed malware to pilfer credentials from infected devices.
Utilizing the stolen login information, Lefterov and his co-conspirators proceeded to siphon funds from victims’ accounts on various financial, payment processing, and retail platforms. Additionally, the infected computers could be accessed clandestinely through a hidden virtual network computing (hVNC) server, allowing the perpetrators to establish unauthorized connections with the victims’ online accounts using web browsers installed on the compromised devices. This method facilitated the exploitation of online platforms, which recognized the connections as legitimate due to their origin from trusted devices.
Furthermore, Lefterov and his accomplices offered access to the botnet, including via the hVNC server, to other cybercriminals seeking to breach victims’ networks and deploy malware, including ransomware. By leasing the botnet to co-conspirators, Lefterov aimed to maximize profits from the illicit scheme. The charges against Lefterov carry significant penalties, ranging from 2 to 10 years in prison, depending on the severity of the offenses. The FBI, in collaboration with its partners, remains committed to investigating and prosecuting individuals involved in cybercrimes targeting Americans online, emphasizing the importance of safeguarding citizens in cyberspace.
