(CN) – A Russian national out of St. Petersburg, thought to be the ringleader of a global hacking operation, pleaded guilty in federal court Wednesday to operating a vast network of computers to distribute thousands of spam emails, steal login credentials and install malicious software.
Peter Levashov, 38, pleaded guilty to one count of causing intentional damage to a protected computer, one count of conspiracy, one count of wire fraud and one count of aggravated identity theft stemming from his operation of the Kelihos botnet.
A botnet is a network of computers infected with malicious software that allows a third party to control the entire computer network without the knowledge or consent of the computer owners, according to the Department of Justice.
U.S. Attorney John Durham of the District of Connecticut stated in a press release that Levashov “also participated in online forums on which stolen identities, credit card information and cybercrime tools were traded and sold.
“Thanks to the collaborative work of the FBI and our partners in law enforcement, private industry and academia, a prolific cybercriminal has been neutralized, and has now admitted his guilt in a U.S. courtroom.”
Spanish authorities first arrested Levashov in Barcelona on April 7, 2017 based upon a criminal complaint and an arrest warrant issued in the U.S. At the time of his arrest, Kelihos had infected at least 50,000 computers.
A grand jury in Connecticut followed up with multiple indictments related to Levashov’s hacking activity on April 20, 2017. He was then extradited to the United States in February.
“We are grateful to Spanish authorities for his previous arrest and extradition,” said Assistant Attorney General Brian Banczkowski in the DOJ’s press release.
“Today’s guilty plea demonstrates that the Department will collaborate with our international law enforcement partners to bring cybercriminals to justice, wherever they may be,” Banczkowski said.
Since the late 1990s until his arrest, Levashov, who has also gone by Petr Levashov, Peter Severa, Petr Severa and Sergey Astakhov, had operated multiple botnets, including the Storm, Waldec and Kelihos botnets in order to harvest personal information and means of identification including email addresses, usernames and logins, and passwords from infected computers.
U.S. District Judge Robert Chatigny scheduled sentencing for September 6, 2019. Levashov is detained pending sentencing.