Podcast 14: The Tale Of The Spam Lord

Libsyn:

https://sites.libsyn.com/488183/episode-14-spam-lord-genius-elusivity-and-mystery

YouTube:

https://youtu.be/JTUuPz7srWo

Rumble

https://rumble.com/v4k8itu-episode-14-spam-lord-genius-elusivity-and-mystery.html

In a world where our personal and professional lives are increasingly online, device-level security is no longer just a suggestion—it’s a necessity. Whether you’re working from the comfort of your home or the convenience of a café, every click, every app, and every connection carries a potential risk. It’s like leaving the front door to your digital house wide open—inviting trouble.

Enter SaferNet VPN, the cybersecurity equivalent of a deadbolt lock. Imagine securing every device you own with a shield so robust, even the most persistent digital desperadoes are left shaking their heads in defeat. This isn’t just about protecting your device; it’s about safeguarding your digital autonomy, ensuring that the choices you make online are yours and yours alone.

In today’s episode of Digital Desperados, we’re peeling back the curtain on cybercrime’s underbelly, guided by voices that resonate with expertise and a touch of maverick spirit. You’ll hear from Patrick McMurphy, who’s here to regale us with tales of dark deeds and digital mischief, and Brad Hawkins, the visionary founder of SaferNet VPN, who’s here to tell us why device-level security should be as fundamental as locking up at night.

So grab your digital notepad, secure your Wi-Fi connection, and let’s dive into a realm where the lines between safety and vulnerability are as complex as they are compelling. And remember, in this digital age, a secure device is your first line of defense against the unseen threats lurking in the vast ocean of the internet.

Stay tuned, and stay secure.

Transcript Begins:

Jim Brangenberg: Welcome to the Digital Desperados podcast featuring Dark Tales from the web. Patrick McMurphy is here today to tell us our dark tales. And he’s joined of course by Brad Hawkins, founder, CEO, and super dude from SaferNet VPN. And I’m Jim Brangenberg and I’ll serve as I’ll be herding cats here on the podcast. This podcast is brought to you by SaferNet VPN.

Every time you go online, your heart and soul are under attack. Secure your computer with SaferNet VPN, simplified cybersecurity for businesses and families. SaferNet’s got a VPN. It’s powerful. You can even use the Wi Fi, the free Wi Fi at Panera or at your hotel. It’s got internet controls, virus protection, all in one app, and you can put it on every device you have.

You can have one profile on all of your electronic devices. Keep distractions at bay with 84 website filters. Stay safe and productive. Get secured right now go to safer net. com. It’s reasonable. It’s affordable and it’s powerful. That’s safer net. com Patrick McMurphy, what dark tale you telling us about today?

Patrick McMurphy: Today I’m excited ’cause I wanna talk about an individual called Pytor Levashov. AKA Severa, or the spam lord. He is, without a doubt, one of my favorite hackers.

Jim Brangenberg: So he is from Southern Minnesota. He’s the spam lord?

Patrick McMurphy: Yeah, exactly. Or he could even be Irish at this point. But no un unfortunately, Levashov was born in St. Petersburg, Russia, which we all know at this point is the home of hacking. And so Levashov is born here in Russia in 1980. We don’t know a ton about his childhood, as normal with these guys, but we know as a teenager in the mid 90s, straight away, he just hopped into hacking. This is what he wanted to do.

He was born to hack. Mid 90s teenager, he began writing his own malware. Really, he wasn’t, spreading this around. He was just seeing what he could do. Now, not only was he good at writing malware, he was a brilliant, and brilliant mathematician. He went to a high school dedicated just to that, and he went on to get master’s degrees in both computer science and economics. So this is a clever guy we’re dealing with.

Jim Brangenberg: Digital economics. Digital economics! Which is even more intense. I don’t even know what that means. Brad, do you know what that means? Digital economics?

Brad Hawkins: I’m assuming it’s digital fintech. I’m not sure, but I’m assuming that it has something to do with how to grow an economy in the digital world. So is that, would that be accurate?

Patrick McMurphy: I think so. And it’s a field that actually changes quite a lot, especially in the last few years of crypto and things, but it’s a tough field to get a master’s in anyway.

Brad Hawkins: Wow. I guess when you get a master’s in digital economics before anyone knows what it is, you can learn basically anything. And then it just grows it just keeps going. I mean as it continues to grow and advance you just tell everybody you got a master’s degree in it, even though you don’t know anything about it.

Jim Brangenberg: That’s right. Exactly. Let’s go back to southern Minnesota where they make all the spam in the world! Go back to the spam lord here.

Patrick McMurphy: So the spam lord himself, Levashov, this is when in college he served as the primary moderator of a spam community that spanned multiple top Russian cybercrime forums. And so around this time, Levashov met an American called Ralsky and they worked closely together. And so these two guys were involved in a huge number of spam email campaigns.

They were mostly centered around stocks and what are called pump and dump schemes. What would happen is that they would send out emails really about thinly traded Chinese penny stocks. They would drive up the price, they would then jump out at the top when they’ve artificially inflated these prices.

That’s a crime. It’s done a lot but you don’t see them hacking as much, but these guys were totally into it. They were all about it.

Brad Hawkins: So they were just publicizing a stock that probably is meaningless, but they buy the stock and then they send out a bunch of spam to talk about how amazing it is.

And then get people to buy it and have that stock price increase. And then they sell at the top and let it crash. Is that?

Patrick McMurphy: 100%. That is it. Exactly. And he was a master of it. In fact, he even got a reputation as someone who could write incredibly effective spam campaigns. And he ended up working with a bunch of other hackers across Europe.

Now, at the time, he wasn’t known. His name, his real name wasn’t known, but there is a company called Spam House. Now, these are white hat hackers. These guys detect big spam lords. And what he called Levishop.

Brad Hawkins: Just for clarity, a white hat hacker is somebody that hacks for good to help businesses find holes in their software or anything like that. Black hat hackers are the people that we always talk about. Just for, just to clarify.

Patrick McMurphy: Yeah, exactly. And now when looking at spammers, Spam House called Levashov, one of the longest operating criminal spam lords on the internet. So this guy at the time was seen as the father of all spam lords, not a great title to have.

Jim Brangenberg: Almighty Spam Lord.

(laughter)

Patrick McMurphy: Something like that, I think. But this, this just wasn’t enough for Levashov. So what he wanted to do, he wanted to combine everything. He wanted to combine what he learned from university, from writing malware, from economics. And so he wrote something called Kelihos, which is a type of botnet.

And so the big question is what is a botnet? And so really all a botnet is that it’s a, it’s like a network. However, it’s consists of several, several thousands of compromised computers. So if your computer has a virus that’s a botnet, it’s actually being used by that botnet to carry out malicious crimes.

And so basically, Levashov started publishing more spam emails to get Kelihos around the place. Now, what was unique about it is that, even today, if you look at botnets, they have a central command. And this is going to be one computer sitting somewhere, more than likely Russia, that is the chief in command of the entire botnet.

But, Levashov never wanted this. He wanted a peer to peer network. And so what happened is that there was no single command. All command was spread around to all computers using it. There was multiple computers, and the most

important part of that, he realized that it had no point of failures. You could not take down one computer and take down Kelihos. You’d have to take down all of them.

Brad Hawkins: That’s the benefit of connecting all of these previously hacked computers together to build their power so that if they lose 10 percent of them, they can still do whatever they want to do and they got all the power to do it. Is that about right?

Patrick McMurphy: Yeah, exactly. And it was a nightmare. It’s spread via a number of methods, most of all phishing or phishing emails from the malware itself. So if you had Kelihos you might actually be emailing Kelihos to other people without even realizing it.

Jim Brangenberg: I’ve gotten emails like that from people who are like, did you know you sent me that email? It always is some salacious email. Hey, you can lose 30 pounds tomorrow. Just drink this magical drink or some other kind of thing. Cyber criminals are constantly, Patrick, they’re constantly trying to get into your computer and my computer all the time.

Brad, I believe that you’ve got the solution we all need. We need to protect our computers effortlessly with SaferNet VPN. Tell us about it, Brad, really quick. Why is SaferNet the solution to all these cyber criminals that we’re talking about?

Brad Hawkins: I got to tell you, we designed SaferNet for a very specific reason. That is to combine the three most important, very simple, that everybody needs to have cybersecurity tools into one simple app that can go on any endpoint device or any computer, cell phone, tablet, whatever. And so the objective is that we want to be able to provide the simple thing of a VPN that in my belief, everybody in the world should have a VPN. They should not operate on the internet without a VPN, and I know some people disagree with that, but those are the people that don’t quite understand VPNs.

And then within that VPN, we put virus protection to make sure that if you end up at a bad website, you’re not going to bring a virus right into your network. And then we give you 200 internet controls to help you manage and protect the traffic wherever it’s going. So if we’re able to combine those three most important cybersecurity tools into one app, and then charge based on one of those three, it’s a win for everybody.

And we priced it out so that it’s a no brainer for anybody in the world. We’re all over the world. We have people using SaferNet all over the world. And that’s what’s so exciting is that we can protect anyone in the world.

Jim Brangenberg: I love best, in a conversation we had recently, you mentioned that your accounting department, you have all the social media channels blocked from the accounting department using SaferNet. But in the marketing department, you have all the social media channels on. So the accountants don’t get distracted. The marketing people can do their job. And that’s the power of SaferNet. Check it out online, safer net. com. That’s safer net. com. Let’s get back to the spam lord.

Patrick McMurphy: Absolutely. And so I mentioned that he distributed a lot of this during phishing, but he had, he always had ways to make money Levashov. So he ran an affiliate marketing program with an antivirus program that he created called SevAntivir, right? Not only was this an amazing antivirus program, it would delete all of your malware, it would also deploy Kelihos on your machine.

He would sell you his antivirus, wipe your machine clean. Oh, it’s, it’s spick and span. It’s lovely. It’s clean. However, you’re now in the botnet. This guy was a genius. He knew exactly what he was doing.

Brad Hawkins: Oh my goodness. That’s incredible.

Patrick McMurphy: It is. And so when Kelihos got running, it had, it was really a lot of moving parts to it. It would obviously send massive amounts of spam emails. Again, it’s Levashov. What do we expect? A lot of these spam emails distribute various types of malware. There was banking trojans, ransomware, and really just other malicious software involved.

Brad Hawkins: What was the name of his antivirus?

Patrick McMurphy: It was SevAntivir, which would later be a take on his nickname Severa. Do not download that, by the way.

Brad Hawkins: You probably just panicked, hundreds of people that just listened to that. I think I’m running an antivirus and it’s just completely destroyed my computer.

Jim Brangenberg: You’ll know soon when the FBI knocks on your door, like, why are you doing, what kind of malicious things are you doing from your computer? We’ve got your IP pegged right here.

Patrick McMurphy: Now, it wasn’t just Levashov using Kelihos. What he wanted to do, he wants to sell it. He wanted to be a businessman about this. For example, for 200 dollars, vetted users could hire Kelihos, and they could blast 1 million emails containing malware or ads to whoever they wanted.

There was multiple scams going on under this, including things like money mule scams. So you could pay anywhere between 300 or 500 dollars, depending on the size of the crowd needed. So this guy was a businessman, a mathematician, and a really good hacker.

Now, so Kelihos began really in the mid 2000s but it really only became known to authorities in 2010 during its peak. And the reason it took so long was because of Zeus, which we mentioned in the last episode. The Zeus malware trojan was so dominant that a lot of other malware just it hid away because Zeus dominated everything. So he was really getting away in the dark with all of this. But eventually, as Zeus got played down a little bit, Interpol and the FBI got on the case, but they had no idea who this guy was, who was the creator.

What they did know was that Kelihos was on the scene for years, it had propagated very widely, that parts of the botnet were being leaked out, all these kind of things. But he had left zero evidence, digital footprint behind. Which you would think, right? All hackers, they’re all very quiet people, you can’t detect them except one of the funniest things about this story is that he got caught because he used an Apple iCloud email address in all of this.

So this is the best part of it. So what the FBI knew is that, they knew that this guy’s nickname was Severa. What they then realized that there was an Apple iCloud called [email protected]. That was the whole email address. So one day they said, hey, let’s check out where this iCloud is looking. And as it happened, it pointed to two Kelihos link servers, which then point back to Russia. So straight away, our boy is caught. It’s over for him at this point. He gets pinned. He gets pinned off an iCloud address. It’s not good. Not good for him.

Jim Brangenberg: He is a criminal, not thinking. ICloud and the app. Yeah, I don’t think so. He was partnering with Apple in order to complete his crimes. I love that. So then who arrests him?

Patrick McMurphy: So what happens, by 2017, Levashov, he gets arrested in Barcelona and is straight away extradited to the U S. Now, unlike our last episode, there was no smiling photo we got of him. But the U. S. took him in pretty quickly.

Brad Hawkins: And so he gets arrested, he gets shipped to America. Now, the question that I’ve got is, a lot of times, they end up going to Russia. Do you have any idea what happens, how do they determine if they go to America or they go to Russia? Or who’s arresting them? How do they determine when it’s a worldwide crime?

Patrick McMurphy: Yeah. So normally they would get shipped over to the U S and they would serve. And this is where the question you just asked gets its most confusing answer in the case of Levashov.

So he gets over there and he gets sentenced to 12 years. However, he gets released after 33 months. Which is incredible. The federal judge said that it was a long way to be away from his wife, child and home. So after 33 months, they let him out. So you’re scratching your head here and you’re saying, what just happened? How did this guy just get 33 months in prison? And you’ll say, okay, he’s back in Russia. He’s not. The man is living in Connecticut. He’s a free man in Connecticut right now. He’s apparently waiting to be deported. But right now he is in Connecticut. Free.

Brad Hawkins: Is his wife and kid in Connecticut too?

Jim Brangenberg: I think we should leave that, that, I think we should leave that off the podcast. Let’s leave the wife and kid alone.

Patrick McMurphy: Alright. I think so. I think so. I’ll agree with Jim on that one. Now he started several businesses within the US. I’m not gonna name them. They’re very around stocks and things like that. Now he is saying right now he’s trying to crack what he considers the most elusive puzzle of the information age, which he thinks is how to teach machines how to pick stocks. Now, if you’ve ever looked at following stocks, a lot of companies are trying this with machines. It’s not 100 percent yet, but he’s actually still looking for investors. I don’t recommend investing in this guy.

Now he started other businesses in the U S. Again, I’m not going to name them. He started several telegram channels. I did join one. He’s talking constantly on it. This guy will talk to you if you try to talk to him. But yeah, hugely invested in AI. Hi Matt Magazine just did a huge interview with him about six months

ago and what I want to close with him, and this is what makes him one of the most unusual figures we’ve ever talked about.

So you can look up this guy, you can find all these magazines who have interviewed him. If you look him up in terms of his name or his nicknames, if you type his names into any AI machine, any of the big AI machines, they spit out errors. chatgpt, etc. They cannot talk about this guy and no one knows why. I’ve ran this through so many people – AI cannot talk about Levashov at all. So there’s two reasons people think. The first is that he had made some huge deal with the US, which he probably did, which is why he got 33 months. And there, there was some kind of, gag order put on AI. Now the other part could be because he’s so invested in AI, he’s reverse engineering all these AI clouds that people don’t know about and stopping his name getting out of the open in a bad way. That is, that is our spam lord today.

Brad Hawkins: Maybe he’s turned to be white hat for the US government. Who knows?

Patrick McMurphy: I mean if they gave him a house in Connecticut, maybe man

Jim Brangenberg: I just wonder, does he like spam? He’s the spam lord. Does he like spam? And if he really does like spam, why isn’t he in Hawaii instead of Connecticut? I just don’t understand.

Patrick Mcmurphy, again, another incredible story. Brad, we’re so grateful to SaferNet for bringing us these stories. It’s always fun to talk about these guys. I sometimes I just want to meet them and go, okay, what really is driving you? And then I think better of that.

Just know that you’re heard it here: the internet and everything digital has a dark side and many dark players. It’s why you need SaferNet by your side, protecting you all day long. VPN, antivirus, 200 internet filters, internet controls, so much more. Please for your online security, check out safernet.com and get secured today. Safer net. com it’s reasonable, it’s affordable, and it’s powerful. Till next time, click only on the attachments you trust from those you trust and delete the rest, or you may become the next victim of a digital desperado.

Transcript Ends.

And there you have it, folks—a journey through the murky waters of cybercrime with our own Digital Desperados, shining a light on the shadowy figures behind the screens. We’ve laughed at the absurdity, marveled at the ingenuity, and cringed at the audacity of digital bandits like the infamous Spam Lord. It’s stories like these that remind us how crucial device-level security really is.

SaferNet VPN isn’t just a product; it’s peace of mind in an app, giving you the power to protect every device you own, every step of the way. From your phone to your tablet, to your grandma’s desktop, SaferNet’s got your back, safeguarding your digital footprint with a fortress of features designed to keep the intruders out.

As we log off today, remember that in this digital frontier, you’re the sheriff of your own town. Don’t ride into the sunset without the right gear. Head over to safernet.com and armor up with the VPN that doesn’t just promise security, it delivers—right at the device level.

Until our next tech-tales rendezvous, keep your passwords unpredictable, your connections secure, and your devices protected. Because in the end, the smartest move against cybercrime is the one you make before they do.

Safe browsing, everyone, and don’t forget to stay tuned for more Digital Desperados insights that keep you one click ahead of the hackers.