Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

US Convicts Russian National Behind Kelihos Botnet Crypting Service

US Convicts Russian National Behind Kelihos Botnet Crypting Service

Russian national Oleg Koshkin was convicted for charges related to the operation of a malware crypter service used by the Kelihos botnet to obfuscate malware payloads and evade detection.

Koshkin has been detained since he was arrested in California in September 2019, and he is facing a maximum penalty of 15 years in prison after September 20, 2021, when his sentencing is due.

Estonian national Pavel Tsurkan, his co-defendant, also pled guilty today via videoconference to charges of aiding and abetting hackers to infect victim computers worldwide with malicious software, including ransomware.

Monthly payments of $3,000 for malware crypting services

Koshkin operated,,,, and other websites that promised to render malware (e.g., botnets, remote-access trojans, keyloggers, credential stealers, and cryptocurrency miners) fully undetectable by almost all major providers of antivirus solutions. 

“In particular, Koshkin worked with Peter Levashov, the operator of the Kelihos botnet, to develop a system that would allow Levashov to crypt the Kelihos malware multiple times each day,” the Department of Justice said.

“Koshkin provided Levashov with a custom, high-volume crypting service that enabled Levashov to distribute Kelihos through multiple criminal affiliates.

“Levashov used the Kelihos botnet to send spam, harvest account credentials, conduct denial of service attacks, and distribute ransomware and other malicious software.”

The Kelihos maintainer paid Koshkin roughly $3,000 per month for his services between May 2014 and April 2017 per the criminal complaint when Levashov was arrested in Spain.

Also Read: 3 Reasons Why You Must Take a PDPA Singapore Course

Kelihos botnet, one of the largest of its time

The Kelihos botnet, active since at least 2010 and one of the largest when it was taken down in 2017, was used by its operators and other cybercriminals who rented it to send millions of spam messages per hour.

US authorities said at the time that Levashov was renting the botnet’s spamming capabilities for prices from $100 to $300, according to court documents,

The botnet was targeted by three takedown attempts in consecutive years, in 20112012, and 2013, and was finally taken down in April 2017.

When the FBI finally dismantled it, the Kelihos botnet was known to control at least 60,000 compromised computers worldwide.

“By operating a website that was intended to hide malware from antivirus programs, Koshkin provided a critical service that enabled other cyber criminals to infect thousands of computers around the world,” Acting U.S. Attorney Leonard C. Boyle for the District of Connecticut said.

Also Read: The Difference Between GDPR and PDPA Under 10 Key Issues

“The defendant designed and operated a service that was an essential tool for some of the world’s most destructive cybercriminals, including ransomware attackers,” added Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department’s Criminal Division.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us