The suspect whom international authorities arrested in Belarus during a 29 November operation to dismantle the Andromeda botnet has been identified with a high degree of certainty as Jarets Sergey Grigorevich – aka Ar3s, a high-profile cyber-criminal and malware expert.
According to a 5 November blog post from Recorded Future’s Insikt Group, whose researchers made the identification, Ar3s, 33, is the mastermind of the botnet, and “one of the oldest and more highly respected members of the criminal underground.”
Also known as Apec (in Russian), Ch1t3r, and Sergey Jaretz or Sergey Jarets, Grigorevich’s dealings in the Russian-speaking underground date back to at least 2014, the post continues. “Ar3s is recognised as a leading expert in malware development and reverse engineering, network security, and antivirus technology,” writes company blog post authors Andrei Barysevich, director of advanced collection, and Alexandr Solad, intelligence analyst.
In addition to developing Andromeda, Ar3s also created the brute-forcing tool Windows SMTP Bruter v.1.2.3, and also