Icedid Malware Developer Fakes His Own Death To Escape The FBI

Icedid Malware Developer Fakes His Own Death To Escape The FBI

A Ukrainian man who developed and managed the IcedID malware botnet faked his own death in an attempt to escape the FBI and jail time in the US. The unnamed suspect bribed Ukrainian cops to falsify a dead man’s documents and issue a death certificate in his name. According to court documents, the suspect appears to have been one of the top individuals inside the IcedID malware operation.

This attempt to evade justice happened in April 2024, a month before Europol and the FBI seized IcedID servers during Operation Endgame—suggesting there was either a leak in the investigation or that the suspect saw law enforcement agencies probing his servers. Despite faking his own death, the suspect continued to live at his normal residence in Uzhhorod, a Ukrainian city near the border with Slovakia, so not the smartest tool in the shed when it comes to OpSec. He was finally arrested in December of last year. During a search of his home, he tried to pass as another person and even showed fake documents in the new name.

Following his capture, Ukrainian officials have now seized apartments, parking spaces, and cars that the suspect passed on to his mother, ex-wife, and her parents after his (fake) death. The judge imposed a bail of UAH 400 million ($9.3 million), deeming him a flight risk.

Shortly after his arrest, a second IcedID developer was also arrested in Kyiv. Ukrainian court documents reveal the two were part of a larger group of IcedID developers, calling themselves the Digital 8. The court documents mention that this second suspect has “a wide circle of acquaintances among law enforcement officers and the criminal community.” Just like the first suspect, he was deemed a flight risk and his bail was also set at an astronomical level for Ukraine, at UAH 382.7 million ($8.9 million).

For more details, check out the full article here: Read full article