A Ukrainian man, Gennadiy Kapkanov, is currently being held by Ukrainian police, accused of internet scamming on a colossal scale.
Kapkanov stands accused of masterminding the ‘Avalanche’ cybercrime syndicate. Europol reports indicate that at its height, Avalanche racked up cyber-attacks valued at hundreds of millions of dollars in the US and Europe.
The speciality of the Avalanche syndicate was phishing scams, executed on a massive scale and run by huge ‘botnets’. Kapkanov allegedly ran the operation for 7 years, infecting millions of computers across the globe with malware that secretly generated and sent out phishing emails designed to steal people’s personal data.
The Avalanche crime syndicate was shut down last year, according to Europol, and European police forces have been searching for the kingpin of the operation ever since.
Gennadiy Kapkanov was previously arrested in connection with the Avalanche investigation last November in a dramatic raid that saw Kapkanov threatening police with an assault rifle and handgun. After this first arrest, he was released from custody by a Ukrainian judge amidst allegations of corruption and went into hiding until his re-arrest last week.
Weapons seized from Kapkanov’s apartment during his first arrest by Ukraine police. (Source: NPU)
In addition to its own large-scale fraud operations, Avalanche was offering DIY scam kits for sale on the dark web that enabled newbie cybercriminals to instigate their own attacks with minimal experience. The Avalanche syndicate sold its customers package deals including malware code, phishing email templates and even botnet resources. This kind of retail-level selling of scamming tools has become so common in recent years that it has been given its own acronym: MaaS, which stands for Malware as a Service.
Gennadiy Kapkanov’s arrest and the dismantling of the Avalanche syndicate are certainly good news from a cybersecurity point of view, but the discouraging reality is that the syndicate has spawned countless imitators that are still in operation.
Policing the internet is an almost impossible task because traditional law enforcement agencies are limited by jurisdictional barriers that have no relevance to the online space. US authorities and agencies like Europol work together as closely as possible, but it is still incredibly easy for cybercriminals to evade capture by running their operations from regions where law enforcement is corrupt or ineffective.
The MaaS phenomenon has driven explosive growth in cybercrime because hacking skills are no longer a prerequisite. Anyone with a few hundred dollars can now log into the dark web and download a MaaS kit that will allow them to start spreading malware and committing fraud on a wholesale scale.
Gennadiy Kapkanov is currently in police custody in Poltava, Ukraine. During the raid that resulted in his re-arrest, police seized a laptop computer and flash drives which are being examined for evidence.
Kapkanov has been charged with multiple offences including hacking, fraud, money laundering and armed resistance to law-enforcement; if found guilty it’s speculated that he could serve 10 years in jail.