{
	"id": "408a9dc8-3155-4ebb-a053-e9e1a9950fe7",
	"created_at": "2026-04-06T00:09:58.161642Z",
	"updated_at": "2026-04-10T13:12:06.053407Z",
	"deleted_at": null,
	"sha1_hash": "af3a5d846b98ab6d8d183167f082861c29df4989",
	"title": "Russian Hacker Pleads Guilty for Role in Infamous Linux Ebury Malware",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 784618,
	"plain_text": "Russian Hacker Pleads Guilty for Role in Infamous Linux Ebury Malware\r\nBy Catalin Cimpanu\r\nPublished: 2017-03-29 · Archived: 2026-04-05 15:54:30 UTC\r\nThe US Department of Justice announced yesterday that Maxim Senakh, 41, of Velikii Novgorod, Russia, pleaded guilty for\r\nhis role in the creation of the Ebury malware and for maintaining its infamous botnet.\r\nUS authorities indicted Senakh in January 2015, and law enforcement detained the hacker in Finland in August of the\r\nsame year.\r\nFinland approved Senakh's extradition to the US in January 2016, but not without the classic rhetoric from Russian\r\nauthorities who called the extradition process \"legal abuse,\" and the practice of arresting Russian citizens abroad an \"illegal\r\npractice\" and \"witch hunt.\"\r\nAfter facing legal proceedings in the US, Senakh has now confessed to his role in the creation of the Ebury malware\r\ntogether with other unnamed co-conspirators.\r\nEbury malware infected around 25,000 servers\r\nThe Ebury malware appeared on the malware scene in 2011, and only targeted UNIX-like operating systems such as Linux,\r\nFreeBSD, and Solaris.\r\nCrooks installed Ebury on servers left unprotected online. The malware contained a rootkit component to persist across\r\nreboots and a backdoor to provide criminals remote access. Hackers also used Ebury to steal SSH login credentials and SSH\r\nprivate keys, which they later used to infect new servers.\r\nEbury timeline (via ESET)\r\nCrooks assembled servers infected with Ebury into a botnet they used to redirect traffic to paying customers or to send email\r\nspam, also for financial gain. 
ESET estimated that, at its peak, Ebury infected 25,000 servers across the world.\r\nEbury became famous in 2011 after a Florida man, with no connections to the Ebury crew, installed Ebury on kernel.org\r\nservers. In recent years, Ebury activity has died down following aggressive sinkholing, although the malware still pops up in\r\na honeypot once in a while.\r\nEbury was often used together with other malware such as CDorked, Onimiki, and Calfbot. Coverage of Ebury attacks and\r\nfeatures can be found on the sites of Steinar H. Gunderson, ESET [1, 2], CERT-BUND, and Sucuri.\r\nSenakh's sentencing is scheduled for August 3, 2017.\r\nSource: https://www.bleepingcomputer.com/news/security/russian-hacker-pleads-guilty-for-role-in-infamous-linux-ebury-malware/",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/russian-hacker-pleads-guilty-for-role-in-infamous-linux-ebury-malware/"
	],
	"report_names": [
		"russian-hacker-pleads-guilty-for-role-in-infamous-linux-ebury-malware"
	],
	"threat_actors": [],
	"ts_created_at": 1775434198,
	"ts_updated_at": 1775826726,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/af3a5d846b98ab6d8d183167f082861c29df4989.pdf",
		"text": "https://archive.orkl.eu/af3a5d846b98ab6d8d183167f082861c29df4989.txt",
		"img": "https://archive.orkl.eu/af3a5d846b98ab6d8d183167f082861c29df4989.jpg"
	}
}