Recently I wrote about why people write viruses and what they had to gain.  Well police in Bulgaria have just arrested a hacker who was responsible for similar scam that netted him $10 million!

If you remember, most of the viruses I discussed involved Bot-Nets.  These are networks of compromised computers that are forced to follow instructions and execute commands on behalf of the hacker.

Well this case is a little different.   Instead of computers, this hacker targeted Android based cell phones.

The hacker in question is Alexander Zhukov from Varna, Bulgaria.  Zhukov, who was born in Saint Petersburg, Russia has lived in Bulgaria since 2010.  He went by the online name of “Nastra” according to Russian media outlet Kommersant.

He was responsible for over 125 Android apps which secretly acted as bots without the user’s knowledge.

These bots were designed to simulate clicks on adverts, effectively scamming advertisers.   When someone clicks on an advert on a page you host, you’re then paid a small fee.   By using an extensive network of bots to simulate these clicks,  Google estimated that the scam conned advertisers of around $10 million between September 2014 and September 2016!!

Zhukov offered a service to others, who apparently paid him $20 per month to use his army of android apps to increase ad revenue on their websites.

The scheme was successful until Zhukov lost his temper at a deal gone awry with one of his customers.   He decided to target the full power of hit bot-net at the customer’s video stream which brought it to the attention of the advertisers.

Zhukov is now fighting extradition charges to the US, where he faces a maximum prison sentence of 20 years.   As NATO members, the US and Bulgaria have a bilateral extradition agreement.  Bulgarian authorities arrested Zhukov on 6th November after an international arrest warrant issued by the US.

This reinforces that you should be careful what apps you install on Android phones or tablets.   Only download apps from reputable developers, as otherwise they could be using your device to do things without your knowledge.

I’d also recommend installing some form of AntiVirus on Android to protect against malware.  There are many options out there, and again I’d suggest choosing one of the more reputable companies.   I’m not an Android user personally, but I’ve had success with the likes of MalwareBytes and Bitdefender, both of which have Android apps available.

If you’re on an iPhone or iPad you don’t have the same risk, as apps have to be vetted by Apple before they can appear in the app store.

Until next time, be careful what you download and install if using Android.   You never know what it might be doing behind your back!