Russian cybercrime mastermind Georgy Avanesov was found guilty of computer sabotage by an Armenian court on Tuesday and sentenced to four years in prison. The trial is monumental, not only for the sentencing of a criminal who hijacked millions of computers, but also because it is reportedly the country's first conviction of a computer criminal.
Arrested in 2010, 27-year-old Avanesov is famous for creating the Bredolab botnet. Bredolab refers to the name of the virus Avanesov used to quietly access unsuspecting computers, mainly through a backdoor created when a user opened a malicious email, and was responsible for spamming, spreading malware and carrying out anti-virus attacks. At its peak, the Bredolab botnet sent out 3.6 million junk mail messages per day.
Avanesov also rented out access to the network of zombie computers to other hackers, reportedly earning about 100,000 euros a month.
During pre-trial questioning, Avanesov admitted he created the Bredolab malware during, but denied any criminal intent, claiming that he passed it on to an unknown individual without knowledge of that person's intentions.
“Georgi Avanesov did not know anyone [involved in cyber crime] and did not intend to deliberately harm anyone,” his defense attorney Gengam Hakobian told Aravot, an Armenian newspaper.
In the 25-page indictment, the prosecution said Avanesov developed the Bredolab in Armenia and used computer servers in Holland and France to spread the virus.
Avanesov's criminal enterprise was compromised in October 2010, when Dutch authorities took control of the botnet, seizing and disconnecting 143 computer servers. Avanesov was arrested at the Armenia's Zvartnots International Airport the next day, flying in from Moscow.
Along with computer sabotage, Avanesov was initially charged with "altering information stored on a computer system through means of unauthorized access, stealing computer data, creating hacking software with the intention of selling it and distributing malicious software," according to PC Advisor. However, the other charges were dropped and the court only found Avanesov guilty of computer sabotage.
Although Dutch authorities were able to seize key computer servers in the Bredolab botnet, a portion of the network remains alive with a couple command nodes still intact.