The Latest in IT Security

Exclusive: How five members of the Koobface malware gang were unmasked


According to the New York Times, Facebook is making public the names of the people it believes are responsible for the Koobface worm: a botnet which has helped its creators earn millions of dollars every year by compromising computers.

Koobface suspects

The five men are named as Anton Korotchenko, Alexander Koltyshev, Roman Koturbach, Syvatoslav Polinchuk, and Stanislav Avdeiko, and are said to be involved in the Koobface malware gang, which has blighted millions of computer users.

Naked Security has great pleasure in being able to tell the in-depth story of how these individuals were identified as part of the Koobface gang, in a detailed investigation conducted by independent researcher Jan Dromer, and Dirk Kollberg of SophosLabs between early October 2009 and February 2010.

Read: The Koobface malware gang – exposed!

(Not familiar with Koobface? Here’s some background information you may find handy to read first.)

The names uncovered by the researchers are the same as those announced today.

It’s an incredible story of tireless investigation, which involved scouring the internet, searching company records and taking advantage of schoolboy social networking errors made by the suspected criminals, their friends and family.

The Koobface malware gang - exposed!

Koobface gangUp until now, Dromer and Kollberg’s research has been a closely-guarded secret, known only to a select few in the computer security community and shared with various law enforcement agencies around the globe.

At the police’s request we have kept the information confidential, but last week news began to leak onto the internet about Anton “Krotreal” Korotchenko – meaning the cat was well and truly out of the bag.

Now we have to wait and see what, if any, action the authorities will take against the Koobface gang.

Leave a reply



Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments