Global Cybercriminal Duo Face Imprisonment After Hive RAT Scheme

The two allegedly sold the Trojan on Hack Forums, allowing other threat actors to gain unauthorized control, disable programs, browse files, record keystrokes, and steal credentials.

Dark Reading Staff, Dark Reading

April 16, 2024

1 Min Read
A group of bees in a honeycomb
Source: imageBROKER via Alamy Stock Photo

Edmond Chakhmakhchyan, also known by the screen name "Corruption," was arrested last week by the FBI on federal charges alleging that he intended to market and sell malware that would allow a threat actor to take control of a victim's device.

Chakhmakhchyan, who is from California, pleaded not guilty to his two-count indictment and will stand trial on June 4.

According to the Justice Department, Chakhmakhchyan and the creator of the malware, an Australian national, struck a deal requiring Chakhmakhchyan to advertise the Hive remote access Trojan (RAT) on a website called Hack Forums, accept payment in bitcoin for licenses to use the malware, and provide assistance to the malware customers if needed.

Once deployed, Hive RAT customers were able to gain unauthorized control, disable programs, browse files, record keystrokes, access communications, and steal credentials without the victim's knowledge.

"The indictment specifically charges Chakhmakhchyan with one count of conspiracy — to advertise a device as an interception device, to transmit a code to intentionally cause damage to a protected computer, and to intentionally access a computer to obtain information — as well as one count of advertising a device as an interception device," the press release stated. If convicted, Chakhmakhchyan faces a maximum penalty of five years in federal prison for each count.

The Australian Federal Police (AFP) have charged Chakhmakhchyan's counterpart, who was allegedly involved in the creation and sale of the malware. They face 12 charges, each of which has a maximum penalty of three years in prison.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights