back to article Microsoft names Zeus ringleaders and notifies FBI

Microsoft has named two individuals who it says are the leaders behind the Zeus botnet and has passed on its dossier on them to the FBI. Redmond fingered Yevhen Kulibaba and Yuriy Konovalenko as the two key players behind the botnet in an amended criminal complaint and told the FBI that the two were key to both the botnet …


This topic is closed for new posts.
  1. LarsG

    It going to be a long long long time before these guys get to go home.

    Sentenced to,

    4 years for the crime here in the UK

    104 years for the same crime in the USA.

    Bet they try to claim asylum!

    1. wowfood

      Since they aren't british citizen

      I bet they'll get it too.

    2. Tom 7 Silver badge

      Double jeapardy

      may have gone but I don't think you can be sent to jail twice for the same crime. If they are extradited anywhere to face criminal charges for a crime they have done time for we really are fucked.

      1. Allan George Dyer Silver badge
        Paris Hilton

        Re: Double jeapardy

        How about X thousand charges of "Unauthorised access to a computer" for X thousand computers in the UK, and Y thousand charges of "Unauthorised access to a computer" for Y thousand charges in the US?

        Or do you prosecute a bank robber for one crime if they've hit ten banks?

        1. S4qFBxkFFg

          "Or do you prosecute a bank robber for one crime if they've hit ten banks?"

          Unfortunately, I think that's how it works, sort of, even if they're being technically prosecuted for multiple offences.

          Watch out for phrases such as "other offences taken into consideration".

          Also, the concept of "concurrent sentencing".

          1. jonathanb Silver badge

            Re: "Or do you prosecute a bank robber for one crime if they've hit ten banks?"

            If, for example, you have a burglar up before the magistrates court for one offence, and he is found guilty, he may tell the court he committed 100 other acts of burglary and ask for them to be taken into consideration. The reason he would do that is because the sentence for committing 100 burglaries is a lot less than 100x the sentence for committing 1 burglary. By pleading guilty to these other burglaries and being punished for them, it means he can't be prosecuted in future for them.

            These people are guilty of 779,816 counts of unauthorised access to a computer system. English magistrates can only take into consideration the offences they committed in England, possibly Wales and maybe in limited circumstances Scotland and Northern Ireland if there was an English or Welsh link to the offence. They have no jurisdiction in any other country, and can't punish them for offences committed there.

          2. Allan George Dyer Silver badge

            Re: "Or do you prosecute a bank robber for one crime if they've hit ten banks?"

            I thought that was an option, at the discretion of the judge. Often seen with, "pleaded guilty and asked for X other offences to be taken into consideration", used by the guilty to demonstrate their remorse and their determination to mend their ways. Conversely, a suitably outraged judge might opt for consecutive sentencing.

      2. JohnG

        Re: Double jeapardy

        Double jeopardy says that you cannot be tried twice for the same crime and, whilst that may be true in the USA, UK legislation was changed under Tony Blair's government such that a person can be tried as many times as is necessary to get the correct verdict of "guilty".

        In this case, these guys are serving time for their crimes in the UK, whereas the USA wants to punish them for their crimes in the USA, etc. Just because they may have used a single scam to commit crime in several countries, it doesn't mean that their crimes will all be considered as one.

        1. Anonymous Coward
          Anonymous Coward

          Re: Double jeapardy

          @JohnG - The changes the TB New Labour government made were to allow certain very serious crimes to be tried more than once, not punished more than once. If you've done time for something, you won't be doing time for it again, under uk and most international law. The difference is that the likes of the killers of Stephen Lawrence (which was one of the main cases in deciding to change the law) got off on their first trial because the forensic techniques didn't exist to prove their guilt, coupled with the prosecutors ballsing it up. If I recall correctly, each specific trial for a previously acquitted offence has to be approved by the home secretary and has to have significant new evidence, it also has to be a very serious crime, such as murder.

      3. Ian Michael Gumby

        Re: Double jeapardy

        Its not double jeopardy.

        They plead guilty to the crimes against the UK citizens only. Other jurisdictions have the right to also charge them for crimes against the citizens in their jurisdiction.

      4. Tom 13

        Re: Double jeapardy

        I believe double jeopardy died an unnoticed death before I was born, and if not shortly thereafter. Most certainly before I began my state required education. But it's okay. It was all in a good cause. Those thrice damned lynchers of blacks had to be brought to heel.* What was left of it was further mutilated shortly thereafter. But that was okay too, because it brought social justice to those same downtrodden people.** Well, at least in the US. So that gives them at least 3 bites at the apple.

        *KKK clansmen were typically brought before friendly state courts for criminal trials where they were found innocent of lynching blacks. The implemented solution was to try them again for the same crime in federal courts. This was held to be constitutional because they were not the same crimes. No I don't understand how.

        **In a similar fashion, because the cases were civil not criminal, those affected by lynchings were able to sue for damages against the lynchers.

        1. kain preacher

          Re: Double jeapardy

          the difference was one was murder charge the other was civil rights violation. Murder charge you face the up to death and back then civil rights violation was only up to 10 years. It;'s like if you shot some one and are found not guilty but then are tried for discharging a gun in public. Basically the same facts but it is different crimes.

    3. Anonymous Coward

      if they really face 100+ years, asylum would be justified.

    4. Anonymous Coward

      bloody hell...

      I've stumbled into the Daily Mail firums by mistake.

      Quick, break out the bendy banana's and weekly bin collections.

  2. tekgun

    Money talks

    I get the feeling the FBI will have a harder time extraditing these two than they will Richard O'Dwyer.

  3. Allan George Dyer Silver badge

    London Plods Not So Tech-Ignorant?

    So the UK's Central E-Crime Unit (PCeU) grab these guys, and successfully prosecute them, then MS wakes up and mentions to the FBI that they might want to talk to them about the same crimes in the US?

    I think the headline here is a little misleading, and, given previous commentard opinion that UK plods are useless on e-crime, there needs to be credit where it is due.

    As a guess, the PCeU, FBI and Microsoft have all been cooperating on this, but the FBI needs a formal complaint by a US victim to get on with the prosecution. It would be nice if the Vultures could get the story behind the press release for us.

  4. Anonymous Coward
    Anonymous Coward

    What about criminal charges for some of the design team at Microsoft for some of the really terrible design choices that make infections much easier?

    How long did it take them to disable autoplay?

    1. Anonymous Coward
      Anonymous Coward

      So a criminally negligent charge? They knew their system was insecure but did nothing about it despite being told about it many times.

      Interesting concept - but hardly likely to fly.

    2. Anonymous Coward

      In the same way that gun designers make their products kill people much easier?


      Bet your'e a bloody linux fanbois.....

  5. Richard 31
    Paris Hilton


    When i see stats like 779,816 infected machines like in this article, i am reminded of the film Hackers when Zero Cool hacked a pitiful 1706 or whatever machines and got black-ops guys bursting though the door.

    Would an infection of 1706 machines even make the radar these days?

    1. Ru

      Re: Hackers

      An infection of 1 would do, in the right place. All depends on who the machines belong to, right?

    2. Anonymous Coward
      Anonymous Coward

      Re: Hackers

      But this isn't "hackers" it's the real world...

  6. This post has been deleted by a moderator

    1. Anonymous Coward
      Anonymous Coward

      Re: The US government created Stuxnet and Flame

      MS Use Windows update to propagate Stuxnet?

      Do me a favour.

      Bloody conspiracy theorists.

    2. midcapwarrior

      Re: The US government created Stuxnet and Flame

      Blindingly obvious that you are a twit.

  7. Anonymous Coward
    Anonymous Coward

    Do the Perp Walk

    They never learn so it's time to do the Perp Walk.

  8. SJRulez

    Botnet or the software

    Since Zeus is available widely are these guys meant to be the people that wrote the software and profited from selling the crime ware kit or are they just a subscriber who used it too build the biggest botnet?

This topic is closed for new posts.

Other stories you might like

Biting the hand that feeds IT © 1998–2022