A report by Benoit Ancel, a malware analyst with CSIS security group, linked 1ms0rry to the following malware strains:

• 1ms0rry-Miner: a trojan that, once installed on a system, starts secretly mining cryptocurrency to generate profit for its author.
• N0f1l3: an info-stealer trojan that can extract and steal data from infected computers. Capabilities include the ability to steal browser passwords, cryptocurrency wallet configuration files, Filezilla FTP credentials, and specific files stored on a user’s desktop.
• LoaderBot: a trojan that can be used to infect victims in a first stage and then deploy other malware on-demand during a second stage (aka a “loader”).

Enterprise network defenders should plan to detect and deter cyber criminals that continue to operate out of Russia and other countries that have a track record of not investigating crimes committed against the rest of the world. Although arrests are unlikely, it is still useful to report relevant information about major cyber crimes to law enforcement authorities for two reasons. First, because law enforcement can often seize servers operated by criminals and share more detailed information about malware operations with defenders, and also because when foreign criminals travel to countries from which extradition is possible, sometimes even well-protected Russian criminals have been brought to justice in US courtrooms and in the criminal justice system of other countries.

Source: https://www.zdnet.com/article/russian-authorities-make-rare-arrest-of-malware-author/?&web_view=true