"I understood that I was walking on a razor's edge." The most interesting interview with the "hacker from Rechitsa"

The special operation, led by FBI officers, took place in the fall of 2017 in Rechitsa. It was a joint operation of the Investigative Committee and the International Bureau of Investigation to identify hackers working in Belarus.

On a signal from an informant who worked under the nickname Dzhigurda, officers of the Investigative Committee detained Sergei Yarets. He was charged with manufacturing and distributing malware, and with organizing and managing a site where hackers shared their experience in breaking into information systems.

It turned out that Yarets, who was known on the web as Ar3s, was associated with the Andromeda botnet. The arrest was preceded by the purchase of software by the FBI, which, when checked by specialists, turned out to be malicious.

A year before the start of the special operation, Microsoft announced that up to four million processors were being infected with similar software every month. The company's specialists estimated the losses caused by these virus programs at ten million dollars.

The defendant's lawyer made incredible efforts to get the court to accommodate the accused. But the person under investigation himself, during the course of the investigative measures, not only began to cooperate with the investigation, but also tried to help the employees of the Investigative Committee expose him.

The lawyer says that the investigator was quite experienced in information technology, but even he did not understand everything. Some things were essentially unprovable, yet the suspect himself walked the investigator through the intricacies of his software. Yarets's defender speaks of never having met such an unusual investigation, and says that one has to speak of the "invaluable assistance" that the client rendered to the investigation.

All this was taken into account when the verdict was passed. In addition, the lawyer constantly tried to convince the investigation that such a knowledgeable specialist would be more useful at liberty than in prison. And Yarets, according to the FBI, was facing at least 10 years. The defendant repented and confidently stated that he was not going to the West, including the United States.

His trial took place on August 9. Right in the courtroom, the accused presented a receipt for payment of tax on profits obtained as a result of illegal activities. The receipt recorded a payment of 11 thousand rubles. The case was reclassified under the first part of the article - "profits obtained by criminal means". Thus, the defendant paid the taxes due to the state budget, and the fine of 2,940 rubles was offset by his time in the remand prison, where he spent 6 months.

Sergei's lawyer claims that he is the only one to be arrested by the FBI. He also clarifies the principled position of his client, who throughout his illegal activities did not harm users in the post-Soviet space.

The prosecution speaks of the fully proven guilt of the defendant and asks the court for a suspended sentence of 2 years of imprisonment for Sergei Yarets. At the same time, it asks that the defendant be given a year of probation. The prosecution disagrees with the lawyer's assertion that her ward is innocent before the people of Belarus.

The prosecutor stressed that the crime is international in nature and that the consequences of the defendant's actions were quite tangible for citizens of other countries. In addition, it has been proven that the defendant was selling his products, which were deliberately infected with a virus. Therefore, there can be no talk of lifting guilt or of release.

In addition, the prosecutor sees in the actions of the defendant not signs of nobility, but fear of exposure. Therefore, he simply did not dare to conduct his destructive activities on the territory of Belarus and the Russian Federation.

Yarets himself repented in his final statement and said that he was not the creator of Andromeda. This site, according to him, was created by an "alcoholic genius" whose place of residence is unknown to him. Sergei only helped him in administering the site.

He explained his possession of the program code by the fact that its owner often went on a binge and then did not come out of it for a long time. It was therefore an understandable necessity for him to keep the access code on hand.

At one time, before the arrest and stay in the pre-trial detention center, Yarets was engaged in the protection of information: the development and installation of software. Officially, he worked on the security of three organizations. After the end of the trial, he intends to return to the Televid company, where he served as chief engineer. He says that they are already waiting for him there, and they are waiting impatiently.

A special operation against him was carried out by the American FBI and the Belarusian Ministry of Internal Affairs and the Investigative Committee.

The victims of hackers are more often Windows and Android users. But do not worry - each of us will become the object of a cybercrime at least once in our life, says a cybersecurity expert in an interview for Radio Svaboda.

The 33-year-old Sergei Yarets, who was detained a couple of weeks ago in Rechitsa, is being called an "outstanding" hacker.

The person against whom the FBI and Belarusian law enforcement officers conducted a joint operation was identified by cybersecurity experts from Recorded Future.

For many years, the Belarusian was hiding under the nickname Ar3s and, according to Reuters, was behind the largest and oldest botnet Andromeda.

Andrey Borisevich, Director of Advanced Development at Recorded Future, talks about hackers and the main rules of cybersecurity.

Why hackers infect our computers

- What is Andromeda, which the Belarusian hacker from Rechitsa serviced?

- Andromeda is a botnet. This is a large network of infected computers all over the world, controlled by either one person or a criminal structure. To manage the entire network or individual computers, there is a single control panel. Through it, you can send instructions to the infected computer - for example, install malicious software or start sending spam via e-mail.

The most common way to use infected computers is the elementary theft of users' personal data. A keylogger is installed on the computer - a special program that intercepts everything that is typed on the keyboard. If a person logs into his bank account via a mobile phone and enters a password, this information is intercepted and sent to the attacker. Access to individual infected computers can be sold to other cybercriminals.

How is the data used? One of the ways is illegal online shopping. Modern online stores have been fighting hacker crimes for a long time and successfully, as they are easy enough to recognize. For example, if someone enters the store from the IP of another country. To get around this, an attacker gains access to a random computer in the United States, logs into the site of the same Amazon or PayPal from it and makes an illegal transaction. An online store, payment system or bank sees this as a transaction from a familiar country.

But there are many ways to use infected computers. Almost any cybercrime that we hear about - whether money is stolen from a bank account, or attackers gain access to the networks of financial institutions and steal money directly from banks, or money is stolen from people's computers, electronic wallets, cryptocurrency and so on, or personal data is stolen - is, as a rule, carried out through the creation of a botnet.

The one who controls this network, of course, both earns a lot and causes very significant harm.

- If almost every area of our life has already been digitized, can we say that each of us will face cybercrime?

- This is a really huge problem, and it did not appear today or yesterday. Botnets as large as Andromeda began to appear 10-15 years ago. For the criminal world, this is something everyday. There are certain risk groups that are most likely to face this problem. First of all, these are Windows users, because most of the harmful software is written for Windows, or for Android if we talk about mobile phones.

Historically, attackers practically do not attack MacBook and iPhone users. First of all, because Apple products are the most secure and less vulnerable to external threats. And secondly, simply because there are many more Windows and Android devices than Apple's. For attackers, the number of potential victims is much more important than quality.

Almost any person will sooner or later fall for the intruders' hook. This does not mean that they will attack you personally. Most likely, this will happen through a massive infection. But sooner or later your information will be sold to someone.

Ordinary citizens have suffered great financial losses for a long time. The ranks of cybercriminals are growing.
Five years ago there was an unspoken rule among cybercriminals not to attack citizens from the CIS space, but now everyone turns a blind eye to this. We see that attacks on Belarusian, Russian, Ukrainian banks and financial institutions continue. Such attacks are quite successful, with tens of millions of dollars stolen from banks. They are constantly trying to spread ransomware viruses. Such a virus blocks access to your device and demands a ransom from you for returning data.

Statistics are stubborn things, and they show that sooner or later everyone will face such a problem.

How did the Rechitsa hacker get caught?

- What is so exceptional about the personality of the Rechitsa hacker? And how could such an authoritative person in the world of cybercrime get caught on the fact that ICQ was registered to a real MTS number?

- Determining who is behind this nickname, in fact, has not become a big problem. It only took a few days. We did this about six months before his arrest.

As a rule, people make such mistakes at the very beginning of their criminal career, when they are still young, ignorant. They make minor bloopers, but they remain on the Internet forever. It only takes time and a little effort to look a little further in time - and you can find moments when a cybercriminal either used his real phone number, or used a nickname under which he registered a long time ago on a social network, potentially highlighting his photo or even his name ...

Cybercriminals, especially inexperienced ones, often use real Skype. And for law enforcement agencies there is no difficulty in gaining access to Skype records.

In our case, this character did just that. Even before the start of his criminal career, he communicated in the circles of programmers, often asked questions in various non-criminal forums. He left his data when registering on the forums, his real year of birth, e-mail, and in one place ICQ, which he continued to use for many years, after switching to the "dark side".

It often happens that these are fairly simple people with whom you live in a neighboring house and cannot imagine that this is one of the most famous hackers sought after all over the world. You don't have to go far for examples.

There is a young man from England, Marcus Hutchins, who was arrested by the FBI in the summer. He was already known as one of the most respected cybersecurity professionals in the world. He stopped the spread of the WannaCry virus, which at that time was attacking Russia, Ukraine, and European countries with great speed. He was considered a hero. A month or two later, he was arrested by the FBI on suspicion of distributing one of the most powerful Trojans, which was distributed in criminal forums and in the criminal underground.

If we return to our character, then we found out that since 2004 he was the administrator of one of the most respected criminal forums with a technical orientation. Criminal forums are of different types. There are those where the majority is engaged in carding - stealing money from credit cards, bank accounts, hacking online stores.

And there are technical forums where they discuss the most modern malicious software (malware), sell it, do everything related to its support. It was exactly this kind of forum that Ar3s, our Sergey Yarets, ran. He was the chief administrator, and one of the most famous specialists in the criminal environment.

After all, even if new malicious software appeared on other sites, he was invited as an independent expert.

He got access to the new version of the software, researched, tested and passed his verdict. If Yarets said that the software works as stated, then the success of this product was predetermined. Then the sales of these harmful programs went "with a bang", and the criminals no longer had any doubts about him.

"A hacker's modest lifestyle doesn't mean low income"

- If these forums exist so publicly, and the guy himself led a fairly open lifestyle - take, for example, his active Twitter - then at what point does this interest in malicious software become a crime?

- At that moment when people come and ask a question about it, and at the same time everyone understands that the ultimate goal is to harm either individuals or organizations. Often newcomers release their virus software for sale and for some reason believe that if they write in the contract that the software is “developed and sold exclusively for research purposes,” then this will somehow save them.

Yes, a hacker can write: my software is not designed to attack people and organizations. But everyone understands that it is distributed on hacker forums, money is taken for it. It is known that it will be used to attack ordinary citizens. This is already a crime. This does not protect future hackers from criminal prosecution.

- How much could S. earn on this? His acquaintances do not believe in such a "brilliant" career and say that the guy lived very modestly.

- If I'm not mistaken, the license itself cost $2000. But this particular botnet consists of two elements: a control panel that allows you to manage all infected computers, and the second part - the so-called payload, that is, the malicious file itself that will be sent to the computer that is the object of attack. For example, it might be an email attachment that looks like a harmless .jpg file. You click it and your computer gets infected.

Antivirus programs learn very quickly to recognize such harmful documents. And for such software to work effectively, it needs to be constantly cleaned. This is called support. And this is one of the services that Ar3s provided. For this he received $50. With widespread malware distribution, this should be done almost daily. Having bought a license for 2000 dollars, you need to give another 1500 monthly for support.

Therefore, I think Sergei's modest lifestyle does not mean that he had a small income. He had a legal job, in the eyes of many people he was an ordinary citizen, but at the same time he was also involved in criminal cases. And for many years.

"The fact that society does not see hackers as big criminals is due to Hollywood."

- How many such hackers can there be in Belarus?
- There were a lot, as technical education in Belarus is one of the best in the world. But many "talented" hackers left at one time for places that were safer for them, including Russia and Ukraine, as in Belarus the law enforcement bodies acted much more professionally in relation to them. It is well known that in Belarus it is difficult to give a bribe, to fight off criminal prosecution. And in neighboring countries it is all over the place.

- How do you feel about the fact that hackers are still considered almost "role models", they have a heroic-romantic image, and when they get out of prison, they willingly give interviews about their "cyber exploits", and many people are fond of them?
- In modern society, hackers are not considered bandits. But the time has long passed when ordinary people did not suffer from them. Until now, the impression remains that banks somehow compensate for the money stolen by hackers, but this is not true. It has long been difficult for banks to recover money if it is stolen from credit cards and bank accounts. Even in the US it is difficult for people to get their money back. Today's hackers inflict enormous damage on ordinary people.

Modern attacks also use ransomware viruses that attack everyone and everything - personal computers, medical institutions, police, courts, government agencies. Now these cybercrimes have crossed all reasonable limits and are more reminiscent of the situation in the Wild West of the 18th century than the modern society of the 21st century.

Society still does not see big criminals in hackers, and this is partly due to Hollywood. It continues to churn out movies and TV series about hackers, where it shows what "Robin Hoods" they are, how they manage to remain elusive, travel the world, be one step ahead of the police.

But those times are long gone. The same Sergei, who was arrested in Belarus, is one of the dinosaurs. He has been in this business since he was 18. In today's world, cybercrime is already linked to organized cybercrime.

Modern cyber attacks, especially on banks, are carried out by powerful cyber groups who have huge financial and administrative support, the corruption component from the police, when they can be covered and taken care of their safety.

In America, cybercrime often overlaps with street crime. This is no longer just a hacker in a hoodie, but people who have 2-3 prison terms behind them, who rob, kill and, at the same time, steal money from accounts. The way society sees cybercrime has long been untrue.

6 cybersecurity rules from an expert

Install an antivirus. This, of course, is not a panacea. If the hacker chose you, the antivirus may not help. But it will help weed out most opportunistic attacks that aim to infect as many computers as possible.

Don't open email attachments. First of all, if you do not know who this letter is from. Hackers have now learned how to manipulate consciousness well through various methods of NLP - neurolinguistic programming. Having bought the compromised databases, they know your name, and you receive an email with an infected file addressed to you personally. We live at a fast pace, we have no time to reason, we open emails without hesitation. And this is absolutely not worth doing. If you know the person from whom the suspicious letter came, take the time to send him an SMS and ask if he really sent this.

Don't click on links in emails, where you are offered bonuses, a lucrative job, or they say that you have won some kind of prize. Now this is a very common method of hackers, and as a result, your computer becomes infected.

Have different passwords for absolutely all services that you are using. Literally every website, application.

Install a password generator; it helps you create random passwords. There are special programs, they can cost $10 a year, but it's worth it. Such a program will save you a lot of time and effort, which you would otherwise spend in the future on restoring your data and getting your money back.
Criminals know that people are lazy, they invent 1-2 passwords and use them for everything. Fraudsters have long understood this. At least one password of any person in the world can be found on the Internet and then, by simple selection, used to get access to important resources - a bank account, credit card, e-mail, and so on.

Use Google two-factor authentication. Hackers have not yet learned how to bypass this particular method of protection.

Local resident Sergey Yarets was accused of creating and managing the largest botnet, Andromeda, the damage from which Microsoft estimated at $10 million. However, the outcome of the case turned out to be very favorable for the resident of Rechitsa - a fine of 120 basic units (from which he was released after six months in a pre-trial detention center) and a return of profits obtained illegally, Radio Svaboda writes.

At first, the prosecution insisted that Yarets was guilty under Part 2 of Art. 354 of the Criminal Code of the Republic of Belarus - "development of computer programs or making changes to existing programs for the purpose of unauthorized destruction, blocking, modification of information with grave consequences." The punishment for it involves up to 10 years in prison. But in the course of the case, the investigators reclassified the case to the first part of the article, in which the maximum imprisonment is 2 years.

According to the lawyer Anna Dokutko, the uniqueness of the investigation consisted in the fact that the accused not only talked about his activities, actively helping law enforcement officers, but also consulted them.

“The investigator was highly qualified, advanced, but even his evidence was insufficient. And Sergei told him how to find evidence against himself,” said the lawyer.

Thanks to this "mutually beneficial" approach, the public prosecutor asked the court to sentence Sergei Yarets to two years probation with a probationary period of 1 year. With the final verdict, the hacker was ordered to pay a fine of 120 basic units (2,940 Belarusian rubles), but half a year spent in a pre-trial detention center was “credited” with the payment. He also returned 11 thousand Belarusian rubles, which he “earned illegally”.

At the same time, Yarets argued that Andromeda was developed by an unknown "genius and alcoholic" who may be living in Russia. At his request, a resident of Rechitsa only reviewed the malicious software, and later agreed to be a representative of the botnet. And the source code turned out to be in the possession of the Belarusian in case the author of the program goes into a binge again.

What is Andromeda

After the arrest, Sergei Yarets was named one of the authors and administrators of the Andromeda botnet network, which was used to host malware, phishing attacks and other criminal activities on the network. Malware buyers paid $500 for each copy of Andromeda sold and $10 for an update. A keylogger module for recording keystrokes cost $150, and for $250 they offered a module that helped steal data from forms filled out on sites.

Earlier, the Swedish-American cybersecurity company Recorded Future claimed that Sergei Yarets "with a high degree of probability" is a hacker known in the Russian-speaking segment of the network since 2004 under the nickname Ar3s. Shortly before the arrest, FBI representatives bought malware from him, the danger of which was confirmed during the examination. After that, a decision was made to detain the Belarusian.

“Andromeda is one of the oldest products on the market,” said Europol spokesman Jan Op Gen Oort.

According to the intelligence services, on average, since 2011, more than 1 million computers have been infected every month around the world., citing ESET, reported that law enforcement officers have liquidated a network of 464 autonomous botnets. Andromeda operators used 1214 domains and IP addresses as servers.

Sergei Yarets, known as the "hacker from Rechitsa," says his case, which was tried on August 9, is an example of how you can make an elephant out of a fly. He confesses that he read with horror about himself as "one of the most prolific cybercriminals in Europe." met with Sergei Yarets at the LVEE conference, where he gave a blitz report on cybersecurity. The full interview can be found on the website.

Sergey Yarets was born in 1983. He worked as a chief engineer at a local TV company. He was an administrator on the damagelab forum, where he was known under the nickname Ar3s. For three years, until December 2015, he was involved in technical support for the Andromeda loader, which was considered "one of the largest botnets on the Web." He was detained on November 27, 2017 by employees of the Investigative Committee of Belarus and the Department "K" of the Ministry of Internal Affairs, together with the FBI and Interpol. He was charged first under part 2, and six months later under part 1, of Article 354 of the Criminal Code ("Development of computer programs or making changes to existing programs for the purpose of unauthorized destruction, blocking, modification or copying of information"). On August 9, the Rechitsa District Court issued a verdict: Sergei Yarets was found guilty and had to pay a fine of 120 basic units. Since the man had spent about six months in a pre-trial detention center, he will not pay the fine.

"My secret was my "shadow life""

I'll tell you how I met Waahoo - the author of the Andromeda loader. He came out the winner in a hack quest that I conducted on the forum. I hoped that the quest would last a maximum of a day, but the participants completed the tasks for more than three days - it was both difficult and interesting.

By that time, Andromeda already had a name, and Waahoo had a certain number of clients. He turned to me with a proposal: they say, I don't have time for everything myself, let me continue the development, and you will be engaged in technical support and you will receive a percentage of the sale.

I have been in this environment for a long time: I saw how much money people were earning, what things they did, and I stopped perceiving the loader as something dangerous. Yes, harder malware can be launched through this harmless program, but here my conscience is clear, I reassured myself.

Yes, I did it for the money. Officially, I earned 300-350 dollars, barely enough to live on, and then my little daughter was so sick that my wife never got out of the hospitals with her.

I understood that I was walking on a razor's edge: I covered my tracks, I used security systems, but I knew that there are places where it is impossible to clean up after myself - everyone leaves traces. In addition, I was somehow reassured by the fact that loader sellers had never been detained in my memory. Wrong scale!

Of course, we followed the stories of high-profile arrests. We discussed: "Damn, but what a mistake in defense!" - and together we worked out how all this could be avoided. And those whose mistakes we discussed often came from our forum themselves.

Everyone wants to have their own secret, the Zorro mask in the closet between the T-shirts. My secret was my "shadow life" - and I liked it.

“There is no need to confiscate equipment. I'll tell you everything now”

On that memorable day, someone under the nickname Dzhigurda wrote to me. He had wanted to buy Andromeda back in early 2017 - he pestered me with requests, and when I refused, he asked me to give him at least a piece of Andromeda's source code so that he could show it to his programmer. He wore me down for a whole month, until I agreed to cut out some pieces.

And so he turned up again: "I need another piece of code - the builder." I understood that something was wrong here, and I answered evasively: "I will look." "How much will it cost?" I wrote off the top of my head: "300 bucks." And then the watchman runs up to me: “Some men have come. They said they're here to check the fire extinguishers.” And I had had a check just the other day - everything was in order. I go out. There are two big guys in overalls: "Are you such and such?" - "Yes, I am." They twisted my hands behind my back, handcuffed me and took me back to the office.

Then more people flooded into my office than it had ever held: one from the FBI, one from Interpol, three people from the main investigation department of the Investigative Committee and the same number from the "K" department, and at least five riot police. And someone else was walking around.

Ironically, in my office there was a pile of technology: mountains of hard drives, old, broken computers - go figure out what was involved and what was not. Department "K" combed through my work computer, and there was nothing there: I kept everything on another computer.

Four hours later, they said: “I'm tired! We will take everything that is here, we will sort it out.” Next to it is the control room - if they turn off the servers, the people with whom I worked side by side for 15 years will be left without work, and the whole city without television for three to four weeks. I raised my hand and said: “There is no need to confiscate equipment. I'll tell and show everything now.”

That's how I started to confess. We had a friendly team, and I didn't want everyone to have problems because of me alone, a fool. I still have to look these people in the eye. In addition, I already knew perfectly well at that moment that I would not get out: if the FBI and Interpol arrived, and also the "K" department - they have something for me.

"I actively tried to speed up the process."

Initially, I was charged with the second part of the article, which speaks of "especially grave consequences." I found comments on my article, and it was listed there that this is "a violation of governmental and intergovernmental communications, postal communications, the consequences that led to an environmental disaster or the death of a person through negligence or as a result of inaction."

My lawyer and I asked the investigator why I had the second part, and not the first, if there were no particularly grave consequences. And he answered: "Well, I'm sorry, you have 10 million infections."

We “butted heads” over these millions of infections as best we could. The press wrote that I taught the investigators a lot. Yes, I actively tried to speed up the process. I said: “Guys, to prove it, look here. To perform the forensics, you need to disable Andromeda's protection: do this and that.” Each examination is two months. I understood: if everything drags on for up to a year, I will go crazy.

A week before my detention was approaching six months, the case was re-qualified, and I was sent home under a signature.

"It seems that you are reborn"

When the judge announced the verdict: such and such a fine and such and such, and many more words - I was in a daze. "Did you understand?" he asked me. I just shook my head, thinking that I didn’t have any conditions, because I had already served six months.

We leave the hall. My lawyer is happy:

- You understand? Understand? - And I am working out in my mind where else to find 1.5 thousand dollars (I'm not sure if this is the correct figure, at that moment I roughly counted) in order to pay the fine. Even before the trial, I paid all the "illegally obtained income" - all the amounts that appeared in the case. I got into debt, but paid off every penny. And now I was not happy that I had walked free, I only thought: "Where can I get the money?"

The lawyer realized that it had not yet sunk in, and explains:

- You don't need to pay anything! You know that the more strict absorbs the less strict. You came out at zero!

And then it hit me. Sometimes events happen in life when it seems to you that you are born again. I had just such a feeling - it seemed that wings had grown behind my back, I flew for two days. I could not believe that everything worked out, because it began with ten years in the zone.

For the first time in Belarus, a cybercrime trial took place. The Rechitsa District Court was examining a high-profile case that caused a lot of noise. The "hacker Ar3s" (in Russian - Ares) was in the dock. In fact, he is a 35-year-old resident of the regional center, Sergei Yarets, a respectable family man with no previous convictions, a diligent and responsible employee of the small regional television and radio company "Televid". However, Sergei was accused of a crime whose victims were millions of people around the world, and was called "one of the most prolific cybercriminals in Europe."


According to the investigation, the Rechitsa resident was a member of an international cybercriminal group and was distributing the Andromeda computer virus. It is a botnet, a program that attacks Windows computers. Once in the system, it paralyzes the work of the filters that protect the computer. The Trojan then downloads other programs to the hard drive from the Internet. Most often these are viruses, with the help of which it is possible to obtain personal data of users, gain access to bank accounts, and block the operation of the system.

After millions of computers were infected with Andromeda, US and European law enforcement officers carried out a large-scale operation to eliminate the criminal group. The hackers were hunted by the FBI, Interpol, Europol's cyber division...

And so US FBI officers came across a certain Ares, who turned out to be a citizen of Belarus. An employee of the American bureau contacted Ares and agreed that Ares would sell him part of the Andromeda code. During the next exchange of messages, about the sale of the remaining part of the code, the Belarusian was detained.

The Investigative Committee charged the Rechitsa resident with administering forums where cybercriminals communicated. According to the investigation, the man helped his interlocutors buy and update Andromeda, and also provided technical support services for the Trojan. He received $500 for each virus sale, and $10 for each update.


Ares himself agreed to talk to Komsomolskaya Pravda. He spoke about his version of what happened:

"I was the administrator of a forum where I taught programmers. Many asked me to teach them how to become hackers, and I helped them to develop, and as a result, people got jobs in well-known companies. I reviewed programs on the forum, and the Andromeda developer, who lives in Russia, asked me to review this bot. And then to help with distributing the program, because he himself did not have time to both develop and sell it."

Sergey explained how Andromeda works. He claims that the program does absolutely no harm to the computer:

"It all depends on the buyer. Among my clients were companies that installed Andromeda on their employees' computers in order to update the necessary programs. And someone could set up a botnet to download viruses. I personally did not steal a penny from anyone - I was just selling the program."

By the way, Andromeda was configured so that it would not run on computers in the CIS countries. Sergei claims that this was done on principle - so as "not to shit in the place in which you live." According to the investigation, however, the matter is not at all about patriotism - the criminals only cared about their own safety, believing that the US and European authorities would not be able to find them here.

According to Sergei, his development partner often went on long drinking bouts. Once the Belarusian asked the hacker to send him the source code so that, in case of another binge, he could do something himself. That is how he got access to the code, part of which he sold to the FBI, which is how he got caught.

"In 2015, I decided to close the sale of Andromeda and its services, because the developer continues to drink heavily. But someone posted the program on the Internet, making it available for free download. Therefore, Andromeda began to spread at a frantic pace. But I have nothing to do with this, and I have no idea who posted the program on the Internet," replied Sergei. However, the investigation believes that he is still involved in the free distribution of the Trojan.


As Sergei said, Microsoft sent a document to the Belarusian authorities stating that it estimates its damage from Ares' actions at $10 million. But no such claim was brought against Sergei in the Belarusian court. Only the illegally obtained income from the sale of "Andromeda" was demanded from him. The largest sum that appears in the episodes of the case is 11 thousand Belarusian rubles.

The Rechitsa resident paid all the damages during the trial, so the prosecutor and the court were lenient towards him. Moreover, the "cybercriminal" repented of everything, fully admitted guilt and even helped the investigation in formulating the accusation and disclosing the entire mechanism of action of "Andromeda".

The district prosecutor, Nikolai Belorusov, acted as the state prosecutor in court. He asked that Sergei Yarets be punished with two years of imprisonment, but conditionally, as well as a large fine. The court decided differently: it sentenced the programmer to a large fine, but given that the Rechitsa resident had spent six months in jail, it is no longer necessary to pay the fine. Being in custody is equivalent to imprisonment, therefore it absorbs the less severe punishment. So Sergei came out of the court joyful - it turned out that he no longer owed anything to anyone. Now he is getting a job at Televid again. But he hopes that after such a resonance he may be offered a more prestigious job.

