An alleged Russian hacker, Pyotr Levashov, has been detained in Barcelona at the request of the FBI, an arrest that set cybersecurity circles abuzz after a Russian broadcaster raised the possibility it was linked to the U.S. presidential election, AP reports. A spokeswoman for Spain’s National Court said that the Pyotr Levashov was arrested in response to a U.S. computer crimes warrant while a spokesman for the Russian embassy in Madrid confirmed the arrest on Sunday.
While it was not immediately clear why Levashov was arrested, Russian television station RT reported that Levashov was arrested under a U.S. international arrest warrant and was suspected of being involved in hacking attacks linked to alleged interference in last year’s U.S. election. Peter Carr, a spokesman for the U.S. Justice Department’s criminal division, said: “The U.S. case remains under seal, so we have no information to provide at this time.”
Defusing speculation that the arrest was in connection with the election hacking as some have suggested, Reuters reports that according to a U.S. Department of Justice official the arrest was a criminal matter without an apparent national security connection. Spanish authorities notified the Russian embassy of Levashov’s arrest on Friday, the embassy spokesman said.
The NYT adds that computer researchers who have linked the long-running computer spam business of the man known as Peter Severa to malware used in 2012 to influence a domestic election in Russia say his arrest could give other investigations important information. Levashov was arrested in Barcelona, where he had been vacationing with his family, according to a report on RT, a state-owned Russian television network. The report cited his wife, who said the Spanish police had detained Mr. Levashov at the request of the American authorities. Levashov’s wife Maria was quoted by RT as saying that her husband was arrested by armed police at their apartment in Barcelona. She said her husband told her he had been accused of creating a computer virus “linked to (President Donald) Trump’s election win.”
Spamhaus, a group that tracks spammers, has for years listed Peter Severa as among the top 10 perpetrators in the world, and has identified him as Mr. Levashov. Brian Krebs, an American cybersecurity researcher, wrote in 2012 that Peter Severa could be another Russian man, Viktor Ivashov, and not Mr. Levashov.
The Russian name Peter Severa, which translates roughly as Peter of the North, could refer to Mr. Levashov’s hometown, St. Petersburg, or Peter North, an actor in pornographic films, in a reference to the online pornography businesses. Along with sending spam advertising, according to Spamhaus, Peter Severa worked with Alan Ralsky, an American spam operator who was convicted in the United States of fraud.
The Russian cybersecurity researchers Andrei Soldatov and Irina Borogan wrote in 2012 that participants in online Russian hacker forums were discussing whether Peter Severa had been recruited by the F.S.B., the successor to the K.G.B. The researchers said Peter Severa had been on closed chat sites trying to recruit underground hackers for a later abandoned effort by the Russian security services to crash Islamic extremist websites.
Peter Severa’s spam operation ran a sophisticated, evolving family of computer viruses called Waledac and later Kelihos, developed in part by a former military engineer also living in St. Petersburg named Andrei N. Sabelnikov, according to a 2012 American court filing by Microsoft.
The court filing and related forensic work on the Kelihos virus illustrated how criminal hacker tools are repurposed for political ends. The filing identified Mr. Sabelnikov as the designer of the Kelihos virus.
The Kelihos virus, which had been devised to spread spam, was used during the Russian election in 2012 to send political messages to email accounts on computers with Russian I.P. addresses. The emails linked to fake news stories saying that Mikhail D. Prokhorov, the businessman running for president against Vladimir V. Putin, had come out as gay.
Even if Levashov’s arrest is linked to the alleged US election hacking, it may come at an awkward moment, just as Trump’s foreign policy U-turn stands to alienate the Kremlin, and bring any “detente” momentum between DC and Moscow to a grinding halt. It is also unclear how “hacking” via spam may have influenced potential voters’ choices.
In January, Spanish police arrested another Russian computer programmer, whose name was given as “Lisov” and who was wanted by the United States for leading a financial fraud network.