Russian student convicted for running virus distribution websites

May 03, 2006 Sophos Press Release

Sergey Kazachkov was found guilty of distributing over 4000 viruses
Sergey Kazachkov was found guilty of distributing over 4000 viruses.

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have welcomed the sentencing of a man who not only created his own malware, but ran two websites distributing over 4000 different computer viruses.

Sergey Kazachkov, a Russian science university student from Voronezh, was found guilty of making available thousands of pieces of malware via two virus exchange websites. He was also said to have created and spread his own malicious software.

"Kazachkov was playing a dangerous game by running a website which helped spread viruses designed to cause harm to the data of innocent computer users," said Graham Cluley, senior technology consultant at Sophos. "It's excellent news that he has been convicted and the websites shut down, but his punishment is little more than a slap on the wrist. Cyber crime is getting more and more serious and causes horrendous problems for businesses, so a stronger message must go out to those behind these crimes that it won't be tolerated."

Kazachkov has been given a two year suspended sentence, and will have to abide by conditions laid down by the court during a one year probation period.

"This isn't the first time the Russian authorities have cracked down on those who make viruses available on websites," continued Cluley. "In November 2004, a member of the international 29A virus-writing gang was found guilty of posting virus source code on underground malware distribution websites."

Some headlines in the Russian media have claimed that Sergey Kazachkov has been identified as the author of the infamous Chernobyl virus. However, this is incorrect and the wrong assumption appears to have been made because Chernobyl was one of the viruses available from Kazachkov's websites. The real creator of the destructive Chernobyl virus (also known as CIH) was Chen Ing-Hau, a Taiwanese student who was detained by the authorities in 2000.

Sophos continues to recommend that companies protect their email with a consolidated solution to thwart the virus, spyware and spam threats as well as secure their desktop and servers with automatically updated anti-virus protection.