A Most Wanted Cybercriminal Runs a Profitable Android Malware Enterprise

Danil Potekhin [1], a Russian national, managed to steal approximately US$17 million from users of several digital currency exchange platforms by defrauding several cryptocurrency exchange sites. Potekhin was then indicted [2] in September 2020 for conspiracy to commit computer fraud, unauthorized access to a protected computer, and aggravated identity theft, among other crimes.

To assist law enforcement agencies and the security community, WhoisXML API Threat Researcher Dancho Danchev took a closer look at parts of Potekhin’s cyber footprint and online infrastructure.

Using one of Potekhin’s personal email addresses found through OSINT analysis, Danchev discovered a website associated with Potekhin that appears to point to a profitable managed Android malware botnet enterprise.

Read more about this cybercriminal’s online infrastructure and learn practical OSINT techniques. Download the report now.

  • [1] https://www.secretservice.gov/investigation/mostwanted/potekhin
  • [2] https://www.justice.gov/usao-ndca/pr/russian-nationals-indicted-conspiracy-defraud-multiple-cryptocurrency-exchanges-and