One of the world’s most sophisticated hackers, an alleged Russian programmer by the name of Pyotr Levashov, 36, was arrested in Spain over accusations of tampering with the 2016 US election. He was detained in Barcelona at the FBI’s request and is subject to a US computer crimes warrant.
The U.S. Embassy in Spain declined comment. Russian Embassy spokesman Vasily Nioradze confirmed the arrest, but wouldn’t say whether he was a programmer. Nioradze wouldn’t comment on the US extradition order either.
Levashov was suspected of being involved in hacking attacks linked to alleged interference in last November’s U.S. election. A spokesman for the U.S. Justice Department’s criminal division, Peter Carr, said, “The U.S. case remains under seal, so we have no information to provide at this time.” However, a USDJ official defused speculation that the arrest was in connection with the election hacking, stating that the arrest was a criminal matter without an apparent national security connection. The U.S has already issued an extradition request so that Levashov would have to stand trial here for his alleged crimes.
Spanish police said Levashov controlled a botnet, a network of private computers infected with malicious software called Kelihos. He used it to hack information and install malicious software in hundreds of thousands of computers. Much of his activity allegedly involved ransomware-blocking a computer’s access to certain information and demanding a ransom for its release.
Levashov’s wife, Maria, was quoted by Russian broadcaster RT, a state-owned Russian television network, saying that her husband was arrested by armed police at their apartment in Barcelona while on vacation. Maria Levashov was also quoted by RT as saying armed police stormed into their apartment overnight and kept she and her friend locked in a room for two hours while they interrogated Levashov. She says that the Spanish police told her the arrest was in connection with “a virus which appears to have been created by my husband and is linked to Trump’s victory.”
Suspicions that Russia might have attempted to sway the 2016 presidential race have been circulating for months. In January, US intelligence and security agencies said in a declassified report that Russian President, Vladimir Putin, ordered hacking attacks and propaganda campaigns before the election results. They include email hackings from the Democratic National Committee, Democratic candidate, Hillary Clinton, and her campaign manager, John Podesta. Both the FBI and both houses of the U.S. congress confirmed last month that they were conducting their own investigations into the potential influence from Russia in the elections.
According to a cybersecurity site, KrebsOnSecurity, Levashov was allegedly responsible for “running multiple criminal operations that paid virus writers and spammers to install ‘fake antivirus’ software” under the alias “Peter Severa”. The site also believes that there is “ample evidence that Severa is responsible for the Waledac spam botnet, a spam engine that has infected between 70,000 and 90,000 computers for many years and was capable of sending about 1.5 billion spam messages a day.” However, malicious software is regularly shared and repurposed, so a computer virus’ creator has little or nothing to do with how the virus is used once it is out of their hands. Spamhaus, a group that tracks spammers, has listed Peter Severa as among the top 10 perpetrators in the world for years, and has identified Levashov as one of the hackers.