41-year-old Maxim Senakh, of Velikii Novgorod, was arrested by Finnish police in August 2015 for his role in the development and maintenance of the infamous Linux botnet called Ebury that siphoned millions of dollars from victims worldwide.
Senakh was extradited to the United States in February 2016 to face charges and pleaded guilty in late March this year after admitting of creating a massive Ebury botnet and personally being profited from the scheme.
First spotted in 2011, Ebury is an SSH backdoor Trojan for Linux and Unix-style operating systems, such as FreeBSD or Solaris, which gives attackers full shell control of an infected machine remotely even if the password for affected user account is changed regularly.
Senakh and his associates used the malware to build an Ebury botnet network of thousands of compromised Linux systems, which had the capacity of sending over 35 million spam messages and redirecting more than 500,000 online visitors to exploit kits every day.
"Working within a massive criminal enterprise, Maxim Senakh helped create a sophisticated infrastructure that victimized thousands of Internet users across the world," said Acting U.S. Attorney Brooker.
"As society becomes more reliant on computers, cyber criminals like Senakh pose a serious threat. This Office, along with our law enforcement partners, is committed to detecting and prosecuting cyber criminals no matter where they reside."Ebury first came into headlines in 2011 after Donald Ryan Austin, 27, of El Portal, Florida, installed the Trojan on multiple servers owned by kernel.org and the Linux Foundation, which maintain and distribute the Linux operating system kernel.
🔐 Mastering API Security: Understanding Your True Attack Surface
Discover the untapped vulnerabilities in your API ecosystem and take proactive steps towards ironclad security. Join our insightful webinar!Join the Session
Austin, with no connection to the Ebury criminal gang, was arrested in September last year and was charged with 4 counts of intentional transmission causing damage to a protected computer.
However, a US judge on Thursday sentenced Senakh to 46 months in prison, the Department of Justice announced on Thursday. The case was investigated by the Federal Bureau of Investigation's field office in Minneapolis.
Senakh will be deported back to Russia following his release from the U.S. prison.