Peter Levashov, 37, was extradited in February to the United States from Spain, where he was arrested more than a year ago on a US warrant.
He was said to be behind a series of international botnet and spamming operations dating back to the 1990s, most notoriously the Kelihos botnet, which he leased to others to steal identities, unleash torrents of spam and extort ransom from computer owners.
On April 7, 2017 US authorities took down Kelihos just as Spanish authorities picked up Levashov entering the country at Barcelona airport.
The Spamhaus Project, which documents spam, botnets, malware and other abuse, at the time called Levashov “one of the longest operating criminal spam-lords on the internet.”
Levashov agreed Wednesday to plead guilty to one count of causing intentional damage to a protected computer, one count of conspiracy, one count of wire fraud and one count of aggravated identity theft.
“For over two decades, Peter Levashov operated botnets which enabled him to harvest personal information from infected computers, disseminate spam, and distribute malware used to facilitate multiple scams,” said Assistant Attorney General Benczkowski.
Levashov faces years in prison on the charges. He is scheduled for sentencing on September 6th, 2019. The Justice Department did not explain the long gap between his guilty plea and sentencing.