Apple played a surprisingly big role in helping track down one the world’s worst spammers, according to an affidavit unsealed today and picked up by The Verge. According to the document, Russian spam king Peter Levashov was tracked down in large part due to his iCloud usage…
Levashov operated under the alias “Severa” and rented out access to spammers and cybercriminals through his Kelihos botnet. He’s regarded as “one of the ten worst spammers in the world” and ran fake antivirus software and various other spamming operations.
The affidavit released today shows how server records, Jabber messages, online payments, and iCloud led to federal agents successfully tracking down Levashov. For instance, investigators seized two Kelihos servers in Luxembourg, which showed frequent access to Levashov’s email account because he was using the servers as a proxy.
Investigators also tracked down an iCloud account in Levashov’s name. From there, they requested information such as “login IP addresses” and were successfully granted a warrant. Apple was then placed under gag order so it couldn’t share details about the investigation.
Levashov was located in Russia at the time, so investigators put the case on hold until he traveled to an extraditable country. Sure enough, he eventually traveled to Barcelona where he was arrested at the request of U.S. law enforcement. While the affidavit published today doesn’t offer details on how investigators knew he traveled to Barcelona, with access to Levashov’s iCloud, investigators seemingly had access to all of the IP addresses used to access the account.
The Verge reached out to Apple for comment on the story, but the company said that it does not comment on law enforcement cases.
This is certainly an interesting case and shows how Apple is able to successfully work with law enforcement agencies in the right cases. With investigators monitoring Levashov’s iCloud account for nearly a year, it’s clear that data played an instrumental role in tracking him down.