DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Moldovan Botnet Operator Indicted for Role in Conspiracy to Unlawfully Access Thousands of Infected Computers Throughout the United States

Posted on April 19, 2024 by Dissent

From the U.S. Attorney’s Office, Western District of Pennsylvania on April 16, 2024:

Note: Click here to view the wanted poster for Alexander Lefterov

PITTSBURGH, Pa. – A Moldovan national has been indicted by a federal grand jury in Pittsburgh for computer fraud crimes, aggravated identity theft, and conspiracy to commit wire fraud, United States Attorney Eric G. Olshan announced today.

The nine-count Indictment names Alexander Lefterov, a/k/a “Alipako,” a/k/a “Uptime,” a/k/a “Alipatime,” age 37, of Chisinau, Moldova, as the sole defendant.

According to the Indictment, from March 2021 through November 2021, Lefterov and his co-conspirators operated and controlled a botnet comprising thousands of infected computers throughout the United States, including in the Western District of Pennsylvania. Lefterov’s co-conspirators allegedly included “coders” who used their technical expertise to maintain and update the botnet over time. During the conspiracy, Lefterov and his co-conspirators stole victims’ login credentials—i.e., usernames and passwords—from the infected computers and then used the credentials to gain access to victim accounts at financial institutions, payment processers, and retail establishments as means to steal money from the victims. To further monetize the scheme, Lefterov allegedly leased the botnet to other co-conspirators by providing them access to infected computers as well as to the victims’ stolen credentials. Lefterov and his co-conspirators also provided access to the botnet for the purpose of distributing malware, including ransomware, to infected computers within the botnet. As the owner and operator of the botnet, Lefterov allegedly received a percentage-share of profits derived from the scheme.

“Lefterov and his co-conspirators allegedly used their sophisticated cyber skills and capabilities to victimize people throughout the country without regard for the financial havoc they wreaked,” U.S. Attorney Olshan said. “This case illustrates the resolve of our office and the law enforcement community to identify and pursue accountability from those who seek to exploit technology for their own personal gain at the expense of ordinary citizens. We will continue our collective fight to keep our neighbors safe regardless of whether they’re out on the street or sitting behind their keyboards.”

“Protecting Americans in cyber space is a top priority, and we will aggressively pursue anyone, no matter if they’re on U.S. soil or overseas, who believes our population is an easy target,” said FBI Pittsburgh Special Agent in Charge Kevin Rojek. “The FBI and our partners will continue investigating the sources behind malware intrusions and the hijacking of machines for malicious attacks against Americans online. We urge everyone to practice secure cyber hygiene.”

“The United States Secret Service continues to locate cyber criminals wherever they may be, whether domestically or hiding abroad,” said Special Agent in Charge Timothy Burke, U.S. Secret Service Pittsburgh Field Office. “Working with our partners, we will continue these investigations to safeguard Americans from cyber fraud and other illicit activities.”

The Indictment against Lefterov was returned on December 28, 2021, and unsealed today.

The conspiracy to commit computer fraud, unauthorized access of a protected computer to obtain information for financial gain, and conspiracy to commit wire fraud offenses each carry a maximum penalty of five years in prison. The intentional damage to a protected computer offense carries a maximum penalty of 10 years in prison, and the maximum penalty for each of the aggravated identity theft offenses is not less than two years of imprisonment to run consecutively to any other term of imprisonment imposed. Under the federal Sentencing Guidelines, the actual sentence imposed would be based upon the seriousness of the offenses and the prior criminal history, if any, of the defendant.

Assistant United States Attorney Mark V. Gurzo is prosecuting this case on behalf of the government.

The Federal Bureau of Investigation and United States Secret Service conducted the investigation leading to the Indictment in this case. The Justice Department’s Office of International Affairs provided valuable assistance in this matter, as did Lithuanian and Moldovan authorities.

An indictment is an accusation. A defendant is presumed innocent unless and until proven guilty.

Updated April 16, 2024
Category: Malware

Post navigation

← NYS Legislature’s bill drafting office is dealing with cyberattack
NIS2 implementation enters the final stretch – six months to deadline →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Texas gastroenterology and surgical practice victim of ransomware attack
  • Romanian Citizen Pleads Guilty to ‘Swatting’ Numerous Members of Congress, Churches, and Former U.S. President
  • North Dakota Enacts Financial Data Security and Data Breach Notification Requirements
  • Pro-Ukraine hacker group Black Owl poses ‘major threat’ to Russia, Kaspersky says
  • Vanta bug exposed customers’ data to other customers
  • Lyrix Ransomware Targets Windows Users with Advanced Evasion Techniques
  • Central Maine Healthcare tackles suspected cybersecurity issue; hospitals remain open
  • Cartier Data Breach: Luxury Retailer Warns Customers that Personal Data Was Exposed
  • Beyond the Pond Phish: Unraveling Lazarus Group’s Evolving Tactics
  • Akira doesn’t keep its promises to victims — SuspectFile

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Supreme Court Agrees to Clarify Emergency Situations Where Police Don’t Need Warrant
  • Stewart Baker vs. Orin Kerr on “The Digital Fourth Amendment”
  • Fears Grow Over ICE’s Reach Into Schools
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.