Ukrainian malware author accuses Russia in US DNC hack investigation


A Ukrainian who authored malware that US intelligence officials say was used by an Russian APT group to hack the Democratic National Committee has become a witness for the FBI.

A Ukrainian man who authored malware that US intelligence officials say was used by an Russian APT group to hack the US Democratic National Committee has become a witness for the FBI, after turning himself in to his home country's authorities early this year, the New York Times reported on Wednesday.

The man, who goes by the online alias Profexer, is the first known living witness to emerge in the DNC hack investigation, according to the article. His malware program, called the P.A.S. web shell, can be found advertised on Russian-language dark web forums, but Profexer himself went dark in January 2017, abandoning his own website shortly after a December 2016 US intelligence report mentioned his creation by name.

Serhiy Demediuk, chief of the Ukrainian Cyber Police, told the Times in an interview that Profexer was never arrested because while he wrote the malware, he did not actually use it himself.

There is also no evidence that Profexer  actively helped the Russian APT group Fancy Bear hack the DNC, and he claims he did not know that his malware was being used for this purpose. But he does know the users, at minimum by their online aliases, the report continues.


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming event 

Webcast: Understanding this year's biggest adversaries - and how to combat them 

Nation-state activity, versatile, slippery strategies and Big Game Hunting - the threats are real, dangerous and ever changing. 
Brought to you in partnership with Crowdstrike