A Russian man faces up to 10 years after pleading guilty to installing malware on tens of thousands of computer servers in order to generate millions in fraudulent payments, law enforcement officials said.
Maxim Senakh, 41, admitted as part of his plea agreement to installing Ebury malware on computer servers around the world, including thousands in the United States, said officials from the Department of Justice (DoJ).
Senakh, along with the criminal organization he worked for, used the malware to create and operate a botnet that would “generate and redirect Internet traffic in furtherance of various click-fraud and spam email schemes, which fraudulently generated millions of dollars in revenue,” DoJ officials said. Senakh also admitted to personally profiting from the Ebury botnet.
Ebury is a SSH rootkit/backdoor Trojan that targeted servers running the Linux operating system. With Ebury, hackers could steal usernames and passwords, as well as use compromised systems to send massive amounts of spam, according to German cybersecurity authority CERT-Bund.
Senakh ended up arrested by Finnish authorities in 2015 and later extradited to the U.S. Following the arrest, Russian officials claimed it was illegal, describing it as an “abuse of the law in violation of internationally accepted procedural norms,” according to a Reuters report.
Senakh will end up sentenced Aug. 3, after pleading guilty to conspiracy to violate the Computer Fraud and Abuse Act and to commit wire fraud. He faces up to 10 years in prison.