Recently, a Russian hacker, Stanislov Lisov, was sentenced to four years in prison in the Southern District of New York for stealing money from a bank account using a trojan horse named Neverquest and was ordered to confiscate $50,000 and pay restitution of $481,000 to victims.
According to the prosecution, Lisov created and managed a NeverQuest botnet and stole millions of documents. Investigators found about 1.7 million stolen documents on his server, including usernames, passwords, and some secret questions and answers. This gives him free access to online banking and other financial accounts.
The malware is designed to monitor infected computers in an attempt to log in to an online bank account. When the victim logs in, the malware steals their username and password. The Trojan allows hackers to control infected devices to log in to the victim’s online bank account, then transfer funds to the account and conduct some online trading activities.
It is understood that Lisov was arrested in Spain in January 2017 and he was extradited to the United States a year later. Recently, he pleaded guilty to allegations of using malware to obtain bank vouchers and steal funds from bank accounts.
Security researchers noticed that the attack involving the Neverquest trojan had all stopped after Lisov was arrested.