Bulgarian police have arrested a Russian hacker accused of committing fraud that led to the loss of over $7 million. The alleged hacker is currently battling an appeal by the United States government to have him extradited.
Alexander Zhukov, the alleged hacker, is a St Petersburg native and has been living in Varna, Bulgaria, since 2010. Before the arrest, he was operating a network of over 50 servers, which he leased to people. The customers would use the servers to inflate video ad likes and views. Zhukov is said to operate online under the name “Nastra”.
According to Kommersant, a Russian newspaper that broke the news on the arrest, Zhukov was apprehended by the Bulgarian police a week ago after the US Government issued an international warrant of arrest. Details on the alleged cybercrimes are still unknown. However, a corroborative investigation between the US and the Bulgarian investigative agencies is still ongoing, pending his extradition to face trial in the US jurisdiction.
Though little information is known about this particular case, a Russian crime report claims that Zhukov might have, in one way or another, been associated in an advertising fraud scheme that led to the loss of over $7 million. The ad was shut down by Google after an investigation by BuzzFeed exposed the fraud in late October this year. However, these are merely claims as there is no evidence nor public statement at the moment to support these claims.
The accused is believed to have committed the crime between August 2014 and December 2016. According to his friends who spoke to Kommersant reporters, Zhukov operated an online business where he developed and managed a network of servers which he leased to people who wanted their video ad views and likes on different platforms inflated.
Zhukov has not spoken about the matter, but his friends have confirmed that he operated online under the name, “Nastra”. They also disclosed that he charged a total of $20 a month for a lease. Kommersant believes that his operation was exposed after a deal with one of his clients was compromised, which prompted him to turn all his programs against that client’s video inventory, a move that generated millions of views, drawing the attention of advertising networks.
In the report by Kommersant, Zhukov did not infect users’ phones or computers with malware but merely used his leased network of servers to execute the said fraud. If this is true, then there could be a significant disconnect in the case linking Zhukov to the BuzzFeed investigation report which was used by Google to shut down the fraudulent advertising scheme. In the report, TechSnab malware was used to execute the fraud ad clicks.
Being a member of the North Atlantic Treaty Organization (NATO) which has an extradition agreement, Bulgaria is likely to have Zhukov extradited to the US. As he fights against extradition in court, he faces a charge of fraud which, on conviction, could have him imprisoned for not more than 20 years in the US.