Russian national Maxim Senakh agreed to a plea deal on 28 March that could place him in prison for up to five years, paying restitution, and also being fined of up to $250,000 (£201,000) for creating and spreading the Ebury botnet.
Senakh plead guilty in United States District Court District of Minnesota for conspiracy to violate the Computer Fraud and Abuse Act and to commit wire fraud. According to the court documents, starting in 2008 Senakh began working with several co-conspirators to place the Ebury botnet on thousands of Linux-based computers worldwide.
Ebury is used to steal login credentials and creates a remote root shell giving the attackers permanent access to the device.
“Once the Ebury malware was installed on a computer server, the computer server could be controlled remotely by members of the conspiracy,” the court documents stated, adding the group generated profits through click fraud and spam campaigns used to direct traffic to specific websites.
Senakh was indicted on the charges in January 2015 and extradited by Finnish authorities shortly thereafter. Sentencing is expected to take place on 3 August, according to Tripwire.