KEY POINTS

  • Department of Justice revealed Andrey Turchin as the person behind "Fxmsp," who hacked, stole, and sold data of numerous companies
  • Turchin amassed millions of dollars worth of cryptocurrency in three years
  • The arrest was made possible through collaboration with international authorities, although it is unclear whether Turchin will one day stand before a U.S. court

The United States Department of Justice (DOJ) outed Andrey Turchin as the person behind the pseudonym “Fxmsp,” and charged him with computer fraud, wire fraud, and conspiracy for illegally hacking company networks worldwide.

Known on the dark web as "the invisible god of networks," Turchin made the news last year when he stole and sold source code and customer access obtained by hacking software security companies like McAfee and Trend Micro. Cointelegraph reported Turchin sold thousands of pieces of illegally accessed data obtained through malware attacks and amassed millions of dollars worth of cryptocurrency in three years.

According to the DOJ, Turchin would first go after Remote Desktop Protocol (RDP) ports and then carry out brute-force attacks to gain initial access to the victims’ networks. Once inside a network, he would deploy additional malicious code to locate and steal critical data and to establish persistent access.

Turchin and his co-conspirators would sell the stolen data on dark web sites frequented by cybercriminals. Depending on the victims’ status and reputation, prices for the stolen data could range up to a hundred thousand dollars. Transactions often went through a broker or escrow, which allowed buyers to sample the data first to test its reliability.

Singapore-based cybersecurity company Group-IB recently profiled Turchin’s attacks and called him one of the most prolific sellers of access to corporate networks in the history of the Russian-speaking cybercriminal underground.

“Despite rather simplistic methods he used, Fxmsp managed to gain access to energy companies, government organizations and even some Fortune 500 firms,” the report added.

The arrest was made possible through collaboration with international authorities, including those in Kazakhstan, where Turchin resides and is a citizen. It was not mentioned whether the country had already arrested Turchin, but the DOJ revealed it was indicting his co-conspirators, whose names were not disclosed.

According to U.S. Attorney Brian T. Moran, cybercrime knows no international borders so it requires international cooperation to stop it. He commended Kazakhstan for assisting in the investigation. “I am hopeful these critical international partnerships between cybercrime investigators will lead to holding Andrey Turchin accountable in a court of law,” Atty. Moran said in a statement.

Turchin is charged with multiple crimes including computer fraud and conspiracy to commit wire fraud, which is punishable by up to 20 years in prison.

Currently, it is unclear whether Turchin will be prosecuted in the U.S. because Kazakhstan does not have an extradition treaty with the country.
