A Russian software engineer was sentenced to eight years in prison for creating a utility for processing botnet logs

The US Department of Justice announced the sentencing of Russian software engineer Alexander Brovko.

Back in 2019, 36-year-old Alexander Brovko was arrested in the Czech Republic, from where he was extradited to the United States in connection with a large-scale investigation into the activities of Russian hacker groups. According to the US government, Brovko was “a member of elite online forums created for Russian-speaking cybercriminals, where they exchange tools and services to commit crimes.”

According to court documents, Brovko was born and raised in Russia, had a degree in systems engineering, but at some point lost his job in the printing and advertising business “due to disagreements with the company’s management.” Then Brovko began working for his former classmate, “who needed help to direct Internet traffic to certain sites,” and this became his entry point into the world of cybercriminals. Brovko says that he was ashamed of that job, but he couldn’t find another one.

As a result, Brovko began working with Alexander Tverdokhlebov, who emigrated from Russia in 2007, received American citizenship, and lived in California. In 2017, Tverdokhlebov was arrested and sent to prison for nine years, because he managed a botnet that numbered about 500,000 infected computers. In Brovko’s 2018 indictment, Tverdokhlebov appears under the initials “A. T.”.

Thanks to his botnet, Tverdokhlebov had access to thousands of hacked machines, and his malware stole user names and passwords from these computers. Brovko was instructed to analyze the bots' logs and search them for bank credentials. Subsequently, this information was used to steal millions of dollars from American accounts (through fraudulent transfers).

As a result, Brovko wrote a program for the automatic scraping of this data. This software manually checked whether the detected username and password combinations worked for users’ bank accounts. Prosecutors claim that he recorded data on the amount of money in the victims’ accounts, seeking to find the most “profitable” victims.

For all this, Brovko received about $70,000 a year from Tverdokhlebov, and with this money, according to the lawyer, he supported his wife and son. The documents also state that Brovko provided services to other hackers and even tried to sell the victims’ banking information to other criminals on his own. When the police raided his home, a large amount of equipment was seized, which was then used as evidence in court.

In February of this year, while already in the United States, Brovko pleaded guilty to conspiracy to commit fraud using electronic means of communication, as well as bank fraud. At the same time, the second charge, of conspiracy to commit fraud with data access devices, was dropped after he admitted guilt and made a deal with the authorities.

Although Brovko was eventually sentenced to eight years in prison and another five years under the supervision of the authorities, the recommended sentence was between 20 and 24 years, so the outcome was not the worst-case scenario. The software engineer was also given a formal fine of $100, although the fine could range from $50,000 to $200,000,000.