$100 million botnet scheme earns Russian man 8 years in prison

Aleksandr Brovko pleaded guilty in February.

A U.S. judge sentenced a Russian national to eight years in prison over his role in stealing personal and financial information via a botnet conspiracy that aimed to generate an estimated $100 million.

Prosecutors announced the sentence Monday for Aleksandr Brovko, who pleaded guilty in February to conspiracy to commit bank and wire fraud. From 2007 to 2019, according to the Department of Justice, Brovko collaborated with other cybercriminals to turn data troves harvested by botnets — networks of infected computers — into cash.

Brovko’s role was to write software scripts to go through botnet logs and conduct data searches to extract highly sensitive personal information and online banking credentials, as well as scout out the value of compromised accounts to determine whether they’d be worth using to conduct fraud.

In all, prosecutors said, Brovko possessed and trafficked more than 200,000 “unauthorized access devices,” a term for credit cards, mobile identification numbers and other things that can be used to transfer funds.


“Brovko was an active member of several elite, online forums designed for Russian-speaking cybercriminals to gather and exchange their criminal tools and services,” according to a Justice news release.

In those forums, according to a 2018 indictment, Brovko discussed accessing two major U.S. banks.

As the U.S. Election Day has neared, the botnet role in cybercrime has taken the backseat in some quarters to its capacity to disrupt elections. Others, including Russian nationals, have seen their day in U.S. court over participating in cybercrime schemes involving botnets.

The indictment against Brovko is available in full below.

Latest Podcasts