A prolific Kazakh hacker known as ”fxmsp” has been charged with several US federal crimes for allegedly hacking the computer networks of a broad array of entities, including businesses, educational institutions, and governments throughout the world, the U.S. Department of Justice (DOJ) has announced.
The 37-year-old, whose real name is Andrey Turchin, has allegedly been linked to numerous high-profile data breaches, ransomware attacks, and other cyber crimes, according to the DOJ. His victims include big corporations listed in the Fortune 500. From the press release:
“According to the five-count indictment and records on file, from at least October 2017 through the date charges were returned by a Grand Jury, in December 2018, TURCHIN and his accomplices perpetrated an ambitious hacking enterprise broadly targeting hundreds of victims across six continents, including more than 30 in the United States. Widely known in hacking circles by the moniker ’fxmsp,’ TURCHIN employed a collection of hacking techniques and malicious software (malware) to gain and maintain access to victim networks. For instance, he often used specially designed code to scan the Internet for open Remote Desktop Protocol (RDP) ports and conduct brute-force attacks to initially compromise victim networks. Once inside the victim’s system, he moved laterally throughout the network and deployed additional malicious code to locate and steal administrative credentials and establish persistent access. The conspirators often modified antivirus software settings to allow malware to continue to run undetected.”
According to the indictment, authorities believe Turchin didn’t act alone. Together with his co-conspirators, he allegedly marketed and sold the network access on the dark web, charging as much as $100,000 in some cases. He even allowed prospective buyers to “sample” the network access for a limited period to test the quality and reliability of the hack.
Turchin is charged with conspiracy to commit computer hacking, two counts of computer fraud and abuse (hacking), conspiracy to commit wire fraud, and access device fraud. The FBI Seattle Office is actively investigating Turchin’s case. If found guilty of all the allegations, he is looking at 45 years behind bars.