FBI Arrests Accused Mega-D Botnet Mastermind

The FBI has arrested a Russian man in connection with a spam operation authorities say netted him $465,000 during a six-month period.

The FBI has linked a 23-year-old Russian man to the notorious Mega-D botnet, which once was responsible for one-third of the world's spam.

According to federal authorities, Oleg Nikolaenko was paid hundreds of thousands of dollars to use Mega-D to spam out e-mails for a crew of criminals specializing in the sale of fake goods.

Nikolaenko is charged with violating the federal CAN-SPAM Act. His attorney, Christopher Van Wagner, reportedly told the Milwaukee Journal Sentinel that the charges were only accusations.

"We're prepared to present a rigorous defense," he said.

According to a federal affidavit, the case grew out of an investigation into a counterfeiting operation headed by Jody M. Smith, who pleaded guilty to conspiracy to traffic in fake Rolex watches Aug. 9, 2009. As part of his plea, Smith admitted to paying $2 million to spammers to send e-mail messages pitching the watches, and named Australian resident Lance Atkinson as a co-conspirator.

As part of the investigation into Smith's case, the FBI and the FTC determined the name of Smith's business was AffKing. Further investigation found that many of the e-mails touting AffKing's wares were routed through Mega-D. In addition, the FBI said, Atkinson sent payments totaling more than $464,000 to an ePassporte account registered to Nikolaenko between June 6, 2007, and Dec. 14, 2007.

Nikolaenko was arrested in Las Vegas in November.

Mega-D was targeted by researchers at FireEye in November 2009 and was briefly crippled, but rebounded by year's end. Lately, however, the botnet's activity has been scant, blogged Phil Hay, senior threat analyst with M86 Security.

"It's encouraging to see law enforcement agencies going after these bot-herding criminals," he blogged. "Identifying and incapacitating the individuals behind the malware is one of the best ways to keep these giant spam-spewing systems in check."