The person at the center of this case
Multiple victims of identity theft and financial fraud
Cold Case · Open
4 years waiting · since 2021
ALEXANDER LEFTEROV
Justice for Multiple victims of identity theft and financial fraud — the trail went cold in 2021, but the truth hasn't.
Start here
Key leads to think about
🎯
suspect
Lead #1What is Lefterov's current location and has he fled to another country?
🔍
evidence
Lead #2How many victims were affected by the botnet and what was the total financial loss?
📞
contact
Lead #3Who were Lefterov's co-conspirators and have they been identified or arrested?
Alexander Lefterov, a Moldovan cyber criminal, allegedly operated a sophisticated botnet from March through November 2021 under aliases including 'Alipako' and 'Uptime,' stealing credentials and personal information from thousands of infected computers. Using an online dashboard, Lefterov and his co-conspirators accessed victim accounts at financial institutions, payment processors, and retailers, while also selling botnet access to other criminals. A federal arrest warrant was issued on December 29, 2021, but Lefterov remains at large and his current whereabouts are unknown.
Case
#791
United States District Court, Western District of Pennsylvania; Federal Bureau of Investigation
Try asking
Claim this imported case
A one-time $10 claim transfers this imported case workspace to your account. You get 10 uploads for this case, 25 daily AI questions for this case, and public tips with files route to you.
10 uploads25 AI questions/day
This does not start a subscription. When the included limits are reached, the Personal plan unlocks more workspace capacity.
More leads to consider
Beyond the top three above — each detail below could be the thread that pulls this case open.
💡
clue
Lead #4Can the online dashboard infrastructure be traced to identify additional criminal networks?
👤
person
Lead #5Has Lefterov used other aliases or online identities beyond 'Alipako' and 'Uptime'?
Have information about any of these leads?
Even the smallest detail could be the key to solving this case.
Official wording
Source Narrative
Conspiracy to Commit Computer Fraud; Intentional Damage to a Protected Computer; Unauthorized Access of a Protected Computer to Obtain Information for Private Financial Gain; Aggravated Identity Theft; Conspiracy to Commit Wire Fraud Caution: Alexander Lefterov is wanted for his alleged involvement in cyber-related crimes. From approximately March of 2021 through November of 2021, Lefterov, using the online monikers "Alipako" and "Uptime" among others, allegedly conspired with others to profit from his operation and control of a botnet comprised of thousands of malware-infected computers.
Lefterov and his co-conspirators allegedly used malware to steal victim credentials to online accounts, including accounts at financial institutions, payment processors, and retail establishments, as well as other personal information, from infected computers within the botnet. Lefterov and his co-conspirators allegedly used an online dashboard or panel to monitor the infected computers, access victim credentials, and access victim computers.
Lefterov and his co-conspirators also allegedly sold access to the botnet to other cyber criminals, allowing cyber criminals to gain unauthorized access to victims’ online accounts by fraudulently posing as the legitimate account holder. On December 29, 2021, a federal arrest warrant was issued for Lefterov in the United States District Court, Western District of Pennsylvania, after he was charged with Conspiracy to Commit Computer Fraud; Intentional Damage to a Protected Computer; Unauthorized Access of a Protected Computer to Obtain Information for Private Financial Gain; Aggravated Identity Theft; and Conspiracy to Commit Wire Fraud.
Remarks: Lefterov is a citizen of Moldova and last resided in Chisinau, Moldova.
Timeline of Events
🕵️
2021-03-01
Botnet operation begins
Lefterov and co-conspirators begin operating botnet using malware to steal credentials
🕵️
2021-11-30
Botnet operation ends
Alleged botnet operation ceases in November 2021
🕵️
2021-12-29
Federal arrest warrant issued
Warrant issued in U.S. District Court, Western District of Pennsylvania for multiple cyber crimes
Key Locations
Interactive map showing important locations related to this case
Case Information
Incident:March 1, 2021
Last Updated:May 13, 2026
Leave a comment
Comments
Case Information
Incident:March 1, 2021
Last Updated:May 13, 2026