“Firebird” Creators Face Justice: Global Takedown

In a collaborative operation that began in 2020, the Australian Federal Police (AFP) and the Federal Bureau of Investigation (FBI) have arrested two individuals suspected of developing and distributing the malicious software initially named “Firebird,” later rebranded as “Hive.”

“Firebird” was initially marketed as a legitimate tool for remote administration, offering capabilities for covert access and password recovery from various browsers. These features enabled users who purchased the tool to remotely access victims’ computers and engage in unauthorized activities.

Cyber Espionage

An Australian resident, whose name has not been disclosed, faces charges under twelve counts, including the production and distribution of tools designed for committing computer crimes. The maximum sentence could amount to 36 years of imprisonment, with the trial set for May 7 this year in Sydney.

The second defendant, Edmond Chakhmakhchyan, residing in the Van Nuys area of Los Angeles and known online as “Corruption,” was actively involved in marketing “Hive,” managing Bitcoin transactions, and supporting customers. According to the U.S. Department of Justice, Edmond Chakhmakhchyan sold a license to use the remote access Trojan (RAT) to an undercover FBI agent.

Despite the buyer explicitly telling the seller that he intended to steal bitcoins worth $20,000 and documents valued at $5,000, thereby indicating plans to use the tool for illegal activities, Chakhmakhchyan sold the malware without any questions or objections.

The U.S. authorities have also charged him with multiple offenses, including advertising interception devices, transferring software code that compromises protected computers, and deliberately unauthorized access to data.

Chahmakchian has pleaded not guilty; however, he faces a maximum sentence of ten years in prison. The final sentence is scheduled to be delivered on June 4 of this year.