Russian cybercrime kingpin Aleksei Volkov sentenced to over 6 years in prison


Aleksei Olegovich Volkov, a 26-year-old Russian citizen, has been sentenced to 81 months in prison in the U.S. after pleading guilty in November to collaborating with major cybercriminal gangs, including the Yanluowang ransomware group, in dozens of attacks against American companies and organizations.

Volkov was arrested in Rome by Italian police and subsequently extradited to the U.S., where he accepted a plea agreement that consolidated charges filed in the Southern District of Indiana and the Eastern District of Pennsylvania.

The sentence was announced after he admitted to facilitating dozens of attacks that caused actual losses exceeding $9 million and projected losses surpassing $24 million.

According to court documents, Volkov acted as an “initial access broker,” meaning a person who specializes in finding vulnerabilities in the networks and computer systems of companies and organizations, gaining unauthorized access, and selling it to other cybercriminals.

His accomplices used this access to install ransomware, encrypt data, and block operations, and then demanded ransoms in cryptocurrencies. The hacker and his accomplices would then split the money from these ransoms.

Among the identified victims, at least six received compensation through the payment of more than $9 million in restitution. Two of the victims even disbursed a total of $1.5 million to the bank to unlock their systems, of which Volkov took more than $256,000 just in commissions. Additionally, the hacker offered access to other companies to third-party cybercriminals, generating additional income from the hacked systems.

‘False flag’ attacks

The Yanluowang group, active between 2021 and 2022, stood out for attacking large Western companies, such as Cisco or Walmart.

However, at the end of that year, the leak of the content of one of its internal channels—with more than 2,700 published messages—allowed investigators to confirm that the group was not linked to China, as its name might suggest, but that at least one of its members belonged to the Russian Ministry of Defense. The combination of this leak and the release of a free decryptor created by the security firm Kaspersky led to the definitive dissolution of the collective.

The conviction of the Russian cybercriminal was announced by Assistant Attorney General A. Tysen Duva, along with prosecutors Thomas E. Wheeler II, David Metcalf, and other FBI agents in Indianapolis and Philadelphia.

“The investigation and prosecution of Volkov demonstrate international cooperation in the fight against cybercrime and ransomware, even when attackers operate across borders and use cryptocurrencies to conceal their profits,” the U.S. justice system highlighted in a press release.
