top of page

Russian hacker Pavel Sitnikov arrested the source code of the Anubis banking trojan

Updated: Jun 12, 2021

Who were Pavel Sitnikov and his crime?

Russian authorities have put a famous Russian hacker in jail earlier this month. They had charged him with distributing malicious software in his Telegram channel. Pavel Sitnikov, a prominent Russian hacker was working under the now-suspended Twitter account @Flatl1ne. The telegram channel Freedom F0x was operated by him.

We can confirm via sources close to Pavel Sitnikov. He was allegedly charged for posting the source code of the Anubis banking trojan. This posted on Freedom F0x, a Telegram channel operated by him. This is where Sitnikov often posted data leaks and malware source code under the pretense of helping the security community.

Where did the arrest take place?

Pavel’s house was raided by law enforcement officials on May 20. He resided in the small town of Velikiye Luki, in the Pskov region in Eastern Russia. The law enforcement authority has charged him with the infringement of Article 273, Part 2 of Russian criminal law. He has also been forbidden to leave the town as well as using any electronic devices until his trial day.

Claims by Suspect’s wife

In a recent interview with the Russian news channel site Readovka, who was the first to break the news. The suspect’s wife, Sonia Sitnikov claims that this particular arrest was related to an earlier post made by her husband. The post was made public on December 9th of last year when Pavel shared a download link. These download links contained the personal data for more than 300,000 Covid patients. These were registered with the Moscow Department of Health.

The data consisted of personal names, phone numbers, COVID 19 status, addresses. This leaked information sent shockwaves at the time. However, having said that, a Moscow official said eventually confirmed that the leaks were human error. This was not an act of malicious intrusion.

However, despite high-ranked officials admitting their mistake, Sonia believes the investigation and the Anubis-related charges are payback for publicizing the leak last December.

Comments by Pavel Sitnikov

The Record conducted an interview last year with Pavel Sitnikov. He opened up on sensitive topics such as leaking data from Russian companies, such as banks, and the reason he did it.

Pavel gave the following statement, ” This data is obtained either from the banks themselves or fraudulently by various cybercriminal groups or researchers. Either sold or leaked publicly. As long as the knowledge about the leak is hidden and not publicized, people affected by the leak continue to suffer. As soon as it is announced, the most important thing is that at least for the moment those who are mentioned in the leak think about their security.”

A suspect can face up to five years in prison

Pavel has claimed to have connections to Russian state-sponsored hacking group APT28(Fancy Bear), which has a long and muddled history on the cybercrime underground.

Sitnikov is supposedly a member of multiple underground hacking communities. Sitnikov previously sold and shared the source code of multiple malware strains, such as Tinba, Alina, Dexter, Rovnix, and Carberp. hence the reason why the recent changes did not surprise those who followed his past activity.

Sitnikov risks up to five years in prison under Article 273, Part 2 of Russian criminal law.

0 views0 comments

Recent Posts

See All
bottom of page