The suspected mastermind of the notorious cybercrime-as-a-service network Avalanche has been arrested in Ukraine.
Gennadiy Kapkanov, 33, was cuffed in the capital Kiev and found to be carrying a false passport. A search of his rented flat yielded a laptop, flash drives and money, which police have now taken.
The suspect will now spend the next 60 days in custody with no chance of bail.
The Avalanche network was finally shuttered after seven years in 2016, when an international effort involving police from 30 countries took 221 servers offline and sinkholed or blocked 800,000 domains.
Avalanche is said to have sent over a million malicious emails per week — including spam, phishing and malware — from a network of half a million compromised computers, supporting at least 20 malware families.
Victims were identified in over 180 countries worldwide.
During that cyber-police operation, five people were arrested, 37 premises were searched and 39 servers were seized.
Interestingly, one of those arrested was Kapkanov himself, after threatening police with a gun in his home city of Poltava.
However, he was controversially released a week later after a local judge claimed police had incorrectly filed charges, according to RFE/RL. That was despite him being listed on Interpol’s most wanted.
The suspect then went to ground, until now.
Last summer, another Ukrainian man was arrested in connection with cyber-criminal activity, this time on suspicion of distributing the infamous NotPetya malware.
The Nikopol resident is not thought to have been connected to the Kremlin-linked plot to disrupt Ukrainian government and critical infrastructure organizations, but instead posted a video online explaining how to launch Petya.A, as well as linking to the download.