One of the operators behind the mega spamming Bredolab botnet, which Dutch authorities took down in 2010, has been sentenced to four years imprisonment in Armenia.
Russian citizen Gerogy Avanesov, 27, was sentenced on Tuesday for computer sabotage, according to a local report.
Dutch authorities, in conjunction with its national computer emergency response team, and Fox IT seized 143 servers under Avanesov’s control a day ahead of his arrest at Armenia’s Yerevan Airport in October 2010.
Prosecutors alleged Avanesov was earning $125,000 a month from the botnet business which was used for spam, spreading malware and selling fake antivirus, according to Sophos consultant Graham Cluley.
Following the equipment seizure by authorities in the Netherlands, the botmaster had reportedly used 220,000 infected computers at his host of choice, LeaseWeb, in an attempt to regain control of the network.
While Avanesov was caught, his partner, only known by the name “Birdie”, remains at large and was never identified by Dutch investigators, Krebsonsecurity reported this March.
The pair were affiliated with the Spamit.com operation which voluntarily shut down shortly before Avanesov’s arrest. The Spamit shutdown occurred after the Microsoft-led takedown of the equally large Rustock botent.
Security vendor M86 recorded a massive decline in spam volumes at the same time Spamit announced it was closing shop.
The Bredolab trojan gained a foothold on PCs that were used to browse rigged websites. The network was also capable of infecting 3 million computers a month and sending 3.6 billion emails with the Bredolab payload per day.