Alleged SmokeLoader malware operator facing federal charges in Vermont

An alleged operator of the SmokeLoader malware, Nicholas Moses, is now facing federal hacking charges in Vermont after being accused of stealing personal information from over 65,000 victims. Initially charged in North Carolina, the case has been transferred to Vermont for further prosecution.

Moses, also known as “scrublord,” is accused of deploying SmokeLoader, a malware program designed to harvest personal data and passwords from unsuspecting users across thousands of computers worldwide. He is facing charges for conspiracy to commit fraud and related activities, with some victims including financial institutions.

Source: The Record

Key Points

Moses allegedly operated the SmokeLoader malware from January 2022 to May 2023, maintaining a command server in the Netherlands.
Prosecutors claim he harvested personal data and sold stolen credentials for $1 to $5 each, amassing over 500,000 logs of victim information.
SmokeLoader is a modular malware that can download other harmful software and carry out various malicious activities, including DDoS attacks and credential theft.
The malware has been widely used among Russian cybercriminals and state actors, especially targeting Ukraine.
Europol recently conducted follow-up actions to a major botnet takedown operation, resulting in multiple arrests and indicating ongoing investigations into connected cybercriminals.

Why should I read this?

This article uncovers a significant case in the ongoing battle against cybercrime, highlighting the alarming scale of data theft through malware like SmokeLoader. If you’re interested in cybersecurity, this story sheds light on the darker side of the internet and the efforts law enforcement agencies are making to combat such threats.