Belarusian-Ukrainian Hacker Extradited to U.S. for Ransomware and Cybercrime Charges



A coalition of law enforcement agencies coordinated by the U.K. National Crime Agency (NCA) has led to the arrest and extradition of a Belarusian and Ukrainian dual-national believed to be associated with Russian-speaking cybercrime groups.

Maksim Silnikau (aka Maksym Silnikov), 38, went by the online monikers J.P. Morgan, xxx, and lansky. He was extradited to the U.S. from Poland on August 9, 2024, to face charges related to international computer hacking and wire fraud schemes.

“J.P. Morgan and his associates are elite cyber criminals who practiced extreme operational and online security in an effort to avoid law enforcement detection,” the NCA said in a statement.

These individuals, the agency said, were responsible for the development and distribution of ransomware strains such as Reveton and Ransom Cartel, as well as exploit kits like Angler. Reveton, introduced in 2011, has been described as the “first ever ransomware-as-a-service business model.”

Victims of Reveton were found to have received messages purporting to be from law enforcement, accusing them of downloading child abuse material and copyrighted programs and threatening them with large fines to avoid imprisonment and gain access to their locked devices.

The scam resulted in about $400,000 being extorted from victims every month from 2012 to 2014, with Angler infections accounting for an estimated annual turnover of around $34 million at its peak. As many as 100,000 devices are believed to have been targeted by the exploit kit.


Silnikau, alongside Volodymyr Kadariya and Andrei Tarasov, is said to have been involved in the distribution of Angler and in leveraging malvertising techniques from October 2013 through March 2022 to deliver malicious and scam content designed to trick users into providing their sensitive personal information.

The stolen information, such as banking information and login credentials, and access to the compromised devices were then offered for sale in Russian cybercrime forums on the dark web.

“Silnikau and his co-conspirators allegedly used malware and various online scams to target millions of unsuspecting internet users in the United States and around the world,” FBI Deputy Director Paul Abbate said. “They hid behind online aliases and engaged in complex, far-reaching cyber fraud schemes to compromise victim devices and steal sensitive personal information.”

The criminal scheme not only caused unsuspecting internet users to be forcibly redirected to malicious content on millions of occasions, but also defrauded and attempted to defraud various U.S.-based companies involved in the sale and distribution of legitimate online ads, the U.S. Justice Department (DoJ) said.

Prominent among the methods used to disseminate malware was the Angler Exploit Kit, which leveraged web-based vulnerabilities in web browsers and plugins to serve “scareware” ads that displayed warning messages claiming to have found a computer virus on victims’ devices and then deceived them into downloading remote access trojans or disclosing personal identifying or financial information.

“For years, the conspirators tricked advertising companies into delivering their malvertising campaigns by using dozens of online personas and fictitious entities to pose as legitimate advertising companies,” the DoJ said.

“They also developed and used sophisticated technologies and computer code to refine their malvertisements, malware, and computer infrastructure so as to conceal the malicious nature of their advertising.”

A separate indictment from the Eastern District of Virginia also accused Silnikau of being the creator and administrator of the Ransom Cartel ransomware strain beginning in May 2021.

“On various occasions, Silnikau allegedly distributed information and tools to Ransom Cartel participants, including information about compromised computers, such as stolen credentials, and tools such as those designed to encrypt or ‘lock’ compromised computers,” the DoJ noted.

“Silnikau also allegedly established and maintained a hidden website where he and his co-conspirators could monitor and control ransomware attacks; communicate with each other; communicate with victims, including sending and negotiating payment demands; and manage distribution of funds between co-conspirators.”


Silnikau, Kadariya, and Tarasov have been charged with conspiracy to commit wire fraud, conspiracy to commit computer fraud, and two counts of substantive wire fraud. Silnikau has further been charged with conspiracy to commit computer fraud and abuse, conspiracy to commit wire fraud, conspiracy to commit access device fraud, and two counts each of wire fraud and aggravated identity theft.

If convicted on all counts, he faces more than 50 years in prison. Prior to his extradition, he was arrested from an apartment in Estepona, Spain in July 2023 as part of a coordinated effort between Spain, the U.K., and the U.S.

“Their impact goes far beyond the attacks they launched themselves,” NCA Deputy Director Paul Foster said. “They essentially pioneered both the exploit kit and ransomware-as-a-service models, which have made it easier for people to become involved in cybercrime and continue to assist offenders.”

“These are highly sophisticated cyber criminals who, for a number of years, were adept at masking their activity and identities.”



