Ukraine arrests operator of DDoS botnet with 100,000 bots
Catalin Cimpanu October 11, 2021

Ukrainian law enforcement announced the arrest of a suspect on accusations of running a giant malware botnet of more than 100,000 infected systems.

Authorities said the suspect used their botnet to launch DDoS attacks, send spam, brute-force user account passwords, scan networks for vulnerabilities, and exploit them.

The arrest was announced today by the Security Service of Ukraine (SSU):

  • The suspect’s name was not released.
  • The arrest took place in the Ivano-Frankivsk region, in the Kolomyia district.
  • SSU officers searched the suspect’s house and seized their computer equipment.
  • SSU said the suspect had advertised their services via Telegram and closed-access forums.
  • The suspect took payment via WebMoney, a Russian money transfer platform banned in Ukraine.

News of the arrest comes after Russian security firm Rostelecom-Solar helped sinkhole the Meris DDoS botnet and after US authorities charged a Turkish national in connection with the WireX botnet.

It is unclear to which malware botnet the suspect arrested in Ukraine is connected. An SSU spokesperson did not return a request for comment.

Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.