Thawing IcedID Out through a DNS Analysis
WhoisXML API found dozens of artifacts that could be closely connected to IcedID. Download the threat research materials now.
Continue reading Download reportExposing the Connection between a Most Wanted Cybercriminal and the BlackEnergy DDoS Attack
Oleksandr Vitalyevich Ieremenko1 is a Ukrainian national charged with several fraud-related and cybercrime cases in August 2015. Barely a year after the allegation, Ieremenko joined a cybercrime group led by Artem Viacheslavovich Radchenko and gained unauthorized entry into the U.S. Securities and Exchange Commission (SEC) network.
The group stole valuable financial data from publicly traded companies, which they planned to sell. In January 2019, both Ieremenko and Radchenko were charged with securities fraud conspiracy, wire fraud, computer fraud, wire fraud conspiracy, and computer fraud conspiracy.
Ieremenko is still at large, and the U.S. Department of State is offering a US$1-million reward for information that could lead to his arrest or conviction. He goes by other aliases, including “Александр Витальевич Еременко,” “Zl0m,” and “Lamarez.”
Intending to help the security community and the U.S. government, WhoisXML API DNS Threat Researcher Dancho Danchev took the initiative to investigate Ieremenko’s digital footprint. Included in this report are:
- A case study of Ieremenko’s footprint
- Two of Ieremenko’s personal email addresses
- Ieremenko’s web property that points to a BlackEnergy DDoS botnet C&C server domain for hire
- A short tutorial on how to use Maltego to conduct similar cybercrime investigations
Read Ieremenko’s profile and case study now and stay abreast of this cybercriminal’s recent activities. Download the report now.
- [1] https://www.secretservice.gov/investigation/mostwanted/ieremenko