Finally revealed: identity of hacker blamed for stealing from 300+ companies and governments, in 44 countries

Unsealed court documents reveal the identity of Fxmsp, a hacker from Kazakhstan who is blamed for information theft from more than 300 companies and governments, in 44 different countries around the world.

Patrick O'Neill at MIT Technology Review reports on the hacker identified as a 37-year-old man from Kazakhstan.

Known as Fxmsp, the hacker became famous in 2019 when that he advertised access and source code for leading cybersecurity companies, amid claims he could make an individual "the invisible god of networks." His identity and techniques remained largely not known, however.

But today an American court unsealed criminal charges that named a single Kazakh national, Andrey Turchin, as the man behind the attacks, and detailed five felony charges against him. The charges date back again to 2018, when American investigators say they uncovered Turchin's real identity, but had remained sealed—which is typical in cases involving foreign hackers. But a judge in the Western District of Washington ruled to unseal the charges in large part because a cybersecurity company, Group-IB, had publicly revealed Turchin's identity in a report last month.

Fxmsp first emerged in 2016 as a hacker with plenty of technical capabilities and a string of data breaches under his belt, but little business expertise, based on Group-IB. Within a year, that he was advertising access to the corporate networks of banks and hotels around the world, an indication of rapid success and a growing criminal business.

Read more at MIT Tech Review:
Criminal charges reveal the identity of the "invisible god" hacker

[via techmeme]