An American court has unsealed the criminal charges against a prolific hacker known as fxmsp, finally revealing the identity of the “invisible god of networks.” In an announcement posted by the Western District of Washington’s US Attorney’s Office, authorities have identified fxmsp as a 37-year-old Kazakhstan citizen named Andrey Turchin. The five felony charges against Turchin date back to December 2018, but they remained sealed until this revelation, which follows a report published by security vendor Group-IB about the extent of fxmsp’s illicit activities.
According to authorities, Turchin and his accomplices targeted hundreds of corporate networks in more than 40 countries between October 2017 and December 2018. They allegedly established backdoors to corporate networks and then sold them in cybercrime forums for thousands to hundreds of thousands of dollars. Based on the unsealed documents, the group starts by scanning for open Remote Desktop Protocol ports and then brute-forcing their way into networks. They then steal administrative credentials and modify antivirus software settings to make sure their malware remains undetected.