FBI Malware Broker Awaits Sentencing
A Jordanian national is set to be sentenced in the United States after admitting to criminal activities as a malware broker. Feras Khalil Ahmad Albashiti, aged 40, engaged in cybercrime targeting over 50 companies across the country.
Role as an Initial Access Broker
Albashiti operated under the alias r1z while residing in Georgia during 2023. He facilitated unauthorized access to various businesses and committed these crimes through malicious activities.
Undercover Operation and Arrest
On May 19, 2023, an undercover FBI agent interacted with Albashiti, purchasing access to the businesses for $5,000 in cryptocurrency. The agent noted that Albashiti advertised access to firms that utilized specific firewall products.
- Albashiti provided a list of IP addresses, usernames, and instructions to breach the networks.
- The agent made subsequent purchases totaling $15,000 for malware that disables endpoint detection and response (EDR) software.
Malware Transactions and Evidence
During the malware demonstration, Albashiti connected to an FBI-controlled server, inadvertently exposing his IP address. This act linked him to a ransomware attack that caused $50 million in damages to an anonymous U.S. manufacturer.
Identification and Extradition
Law enforcement utilized records from the U.S. State Department to pinpoint Albashiti. In 2016, he applied for a visa using the same email tied to his r1z online persona. This email was also associated with a Google Pay account and multiple credit cards.
Upcoming Sentencing Details
Albashiti was extradited from Georgia in July 2024 and is scheduled for sentencing on May 11, 2026. He faces a maximum penalty of ten years in prison and up to $250,000 in fines.
