Security News > 2021 > October > Ukraine Arrests Operator of DDoS Botnet with 100,000 Compromised Devices
Ukrainian law enforcement authorities on Monday disclosed the arrest of a hacker responsible for the creation and management of a "Powerful botnet" consisting of over 100,000 enslaved devices that was used to carry out distributed denial-of-service and spam attacks on behalf of paid customers.
The Ukrainian police agency said it conducted a raid of the suspect's residence and seized their computer equipment as evidence of illegal activity.
"He looked for customers on the closed forums and Telegram chats and payments were made via blocked electronic payment systems," the Security Service of Ukraine said in a press statement.
The payments were facilitated via WebMoney, a Russian money transfer platform banned in Ukraine.
The development comes weeks after Russian cybersecurity firm Rostelecom-Solar, a subsidiary of the telecom operator Rostelecom, disclosed late last month that it had sinkholed a portion of the M?ris DDoS botnet that's known to have co-opted an estimated 250,000 hosts into its mesh.
By intercepting and analyzing the commands used to control infected devices, the company said it was able to "Detect 45,000 network devices, identify their geographic location and isolate them from the botnet." Over 20% of the devices attacked are located in Brazil, followed by Ukraine, Indonesia, Poland, and India.