The US has charged a 37-year-old Kazakhstani citizen for infiltrating over 300 companies and public institutions across the globe.
On Tuesday, the Justice Department unsealed an indictment against Andrey Turchin, who federal investigators claim is actually the notorious hacker “fxmsp.” Last year, fxmsp and his crew grabbed headlines for allegedly selling the source code to antivirus products from McAfee, Trend Micro and Symantec.
Since 2017, Turchin has been breaking into corporate networks, and then monetizing the access to buyers on underground hacking forums. “Prices typically ranged from a couple thousand dollars to, in some cases, over a hundred thousand dollars, depending on the victim and the degree of system access and controls,” the Justice Department said in today’s announcement.
The charges were announced two weeks after the cybersecurity firm Group-IB named Turchin as a suspect behind the fxmsp persona. Group-IB estimates he and his hacking crew may have raked in at least $1.5 million by breaching businesses, including banks, hotels, retail vendors and government offices. In return, clients have been able to use the unauthorized access to steal confidential data from companies, or to plant ransomware on corporate computers.
According to federal agents, Turchin found his targets by scanning the internet for computer systems with the remote desktop protocol enabled. Normally, such computers are password protected. However, Turchin was able to break in by exploiting trial-and-error to successfully guess the right login combinations. Once in, he would then begin infiltrating the victim’s network and install malware to maintain backdoor access.
The unsealed indictment from the Justice Department was actually filed back in Dec. 2018, showing that federal agents were aware of Turchin’s identity and his role in the computer hacks for some time. However, extraditing hacking suspects from their home countries can often prove difficult.
Whether Turchin is in federal custody was left unsaid in today’s announcement, but the Justice Department thanked Kazakhstani authorities for their help in the investigation. Who else Turchin might have worked with remains unclear.