2024/09/09 15:54:10

Russian hackers

2024

US authorities accused Russian of creating hacker software to steal data from companies

On October 29, 2024, the US Department of Justice announced that charges had been brought against Russian citizen Maxim Rudometov for the development and administration of the malicious software Redline. This malware belongs to the class of stealers - viruses designed to steal various data, including logins and passwords. Read more here.

The court of St. Petersburg gave up to 6 years in prison to hackers from the REvil group

On October 25, 2024, the St. Petersburg Garrison Military Court sentenced four members of the REvil hacker group. They received from four and a half to six years in prison for the illegal circulation of payments and the distribution of malicious software. Read more here.

The United States accused Russian Alexander Ryzhenkov of attacks by the BitPaymer ransomware virus

On October 1, 2024, the US Department of Justice announced that Russian Alexander Ryzhenkov was charged with using the BitPaymer ransomware virus to carry out attacks on American companies. It is associated with the cybercriminal groups Evil Corp and LockBit. Read more here.

US indicts six Russians for cyber attacks on NATO

In September 2024, the US Department of Justice charged six Russians with cyber attacks on NATO. They are charged with conspiracy to commit computer hacking and electronic fraud. The list of defendants included:

  • Yuri Denisov
  • Vladislav Borovkov
  • Denis Denisenko
  • Dmitry Goloshubov
  • Nikolai Korchagin
  • Amin Stigal

According to court documents, on January 13, 2022, the defendants conspired to use the services of an American company to distribute malware known in the cybersecurity community as WhisperGate to the Ukrainian government's IT systems. Although this software looks like a ransomware virus, WhisperGate was actually a system for completely destroying the target computer and all the data stored on it, the American Ministry of Justice claims. According to the Ministry of Justice, with the help of this program, in particular, the resources of the Ministry of Internal Affairs of Ukraine, the Ministry of Education, the Ministry of Agriculture, and the Ministry of Energy were hacked. In August of the same year, according to the department, the defendants in the case hacked the transport infrastructure of the "country in Central Europe" (which is not specified).

According to the department, the accused hacked several Ukrainian computer systems, extracted confidential data, including medical records of patients. On the same day, the defendants put the stolen data up for sale online.

The US Department of Justice claims that the targets of the accused were Ukrainian government systems and data that did not have a military or defense role. Hackers later attacked the computer systems of various countries, including the United States and 25 other NATO countries, the ministry said in a statement. For information about the location of any of them, the State Department will pay a reward of up to $10 thousand.

Russian arrested in Argentina, accused of money laundering for hackers

At the end of August 2024, Argentine police arrested a Russian citizen accused of money laundering for hackers. According to law enforcement agencies, the man participated in multimillion-dollar criminal schemes using cryptocurrencies.

According to the report of the analytical company TRM Labs, which helped in the investigation, 29-year-old Russian V. B. (full name is not disclosed) allegedly carried out money laundering operations in his apartment in Buenos Aires. He has been linked to the Lazarus Group and other criminal communities. According to investigators, the suspect laundered money through cryptocurrency exchanges and then converted it into ordinary paper currency. According to TRM Labs, the man tried to hide his tracks using a "complex network of transactions with several different assets and several blockchains."

Law enforcement identified the suspect's location using data provided by the Binance crypto company. During the arrest, Argentine police had to read a court order in Spanish and translate it into Russian using artificial intelligence so that the man could understand and comprehend the charges against him. He lived in Argentina for two years but does not speak Spanish.

During a search of V. B.'s apartment, the police seized cryptocurrency worth more than $120 thousand. In addition, electronic devices have been confiscated that may contain information about money transfers and crypto assets related to organized crime. Law enforcement officers also found $15 million in other assets controlled by the man. During the investigation, it was established that as of December 18, 2023, the suspect had completed 2,463 transfers through Binance Pay in the amount of $4,532,305.[1]

Russian in the United States sentenced to 3 years in prison for selling hundreds of thousands of logins and passwords on the darknet

In mid-August 2024, it became known that a US court sentenced a Russian to 3 years in prison for selling financial information and credentials on the Slilpp criminal Internet site.

In the dock was 27-year-old Georgy Kavzharadze, known by such online pseudonyms as "TeRorPP," "Torqovec" and "PlutuSS," who was extradited to the United States in 2022 and pleaded guilty in February 2024. He was ordered to return $1.2 million earned by illegal transactions, the US Department of Justice said in a statement. Read more here.

In the United States, a Russian was arrested on charges of administering a site for training hackers

In early August 2024, it became known that a Russian citizen Pavel Kublitsky was arrested in the US state of Florida on charges of cyber fraud. He is suspected of administering a site to train hackers. Read more here.

Russian Roman Seleznev, sentenced in the United States to 27 years in prison for cyber attacks, returned to Russia

On August 1, 2024, the Federal Security Service of the Russian Federation (FSB) reported that Russian Roman Seleznev, sentenced in the United States to 27 years in prison for cyber attacks, was returned to his homeland. It is noted that the man is seriously ill, and in an American prison he did not receive the necessary medical care. Read more here.

Two Russians in the United States admitted to participating in the Lockbit hacker group

On July 18, 2024, the United States Department of Justice reported that two Russians admitted to being members of the LockBit hacker group, which specializes in cyber attacks using a ransomware virus. Ruslan Astamirov and Mikhail Vasiliev confessed to illegal activities and face long-term imprisonment. Read more here.

US imposes sanctions on two Russians accused of cyber attacks on water companies

On July 19, 2024, the US Treasury Department announced the inclusion of two Russians on a cybersecurity-related sanctions list. Denis Degtyarenko and Yulia Pankratova are suspected of involvement in cyber attacks on water supply facilities. Read more here

The United States is looking for a Russian who is accused of destroying the IT systems of the Ukrainian government

On June 26, 2024, the US Department of Justice announced that charges were brought against Russian citizen Amin Stigal of trying to hack and destroy the computer systems of a number of government organizations in Ukraine. For information about the whereabouts of the man, the American authorities offer a reward of up to $10 million. Read more here

The United States imposed sanctions against Dmitry Khoroshev, who is accused of managing the world's largest ransomware group LockBit

On May 7, 2024, the United States imposed sanctions on Russian Dmitry Khoroshev, who is said to be the leader of the world's largest group of LockBit ransomware hackers. For information that will lead to his arrest, a reward of $10 million is assigned. Read more here.

Australia imposed sanctions against Russian for hacking Medibank bases

On January 23, 2024, the Ministry of Foreign Affairs of Australia announced the introduction of personal sanctions against Russian Alexander Ermakov. The man is accused of involvement in the hacking of the databases of Medibank, the largest Australian medical insurance company. Read more here.

2023

Russian admits to creating Trickbot virus, due to which hospitals and schools in the United States lost tens of millions of dollars

On November 30, 2023, the United States Department of Justice reported that Russian Vladimir Dunaev pleaded guilty to the development and distribution of the malicious software Trickbot. According to the investigation, this malware was used for cyber attacks on American hospitals, educational institutions and other organizations. Read more here.

"Газета.ру" revealed the name and details of the life of the leader of the pro-Russian hacker group Killnet, which has repeatedly attacked NATO infrastructure

On November 21, 2023, Газета.ру revealed the name and details of the life of the leader of the pro-Russian hacker group Killnet, which has repeatedly attacked NATO infrastructure. According to the publication, the real name of the hacker known on the darknet as Killmilk is Nikolai Nikolaevich Serafimov. He was born on May 16, 1993. Read more here.

"We Russians are not afraid of the American authorities." The most wanted Russian hacker, for whom they give $10 million, talked to journalists

In early October 2023, the most wanted Russian hacker Mikhail Matveev, also known as Wazawaka and Boriselcin, talked to reporters. He said that his life did not change too much after the United States added him to the sanctions list, and the FBI promised a reward of $10 million for information that would help in his capture. Read more here.

US authorities announced a reward of $10 million for data on "Russian hackers" who attacked critical infrastructure

On June 16, 2023, the US State Department announced a reward of up to $10 million for information linking attacks by hackers from the Clop group with a foreign government. According to the American authorities, these are "Russian hackers." Read more here.

In the United States, a native of Chechnya was arrested, who is accused of cyber attacks using the world's most popular ransomware viruses

On July 15, 2023, the United States Department of Justice announced the indictment of Russian citizen Ruslan Astamirov for spreading numerous ransomware viruses, as well as for other cyber attacks on computer systems in the USA, Asia, Europe and Africa. Read more here.

The State Department promised a reward of $10 million for the capture of Russian hacker Mikhail Matveyev

On May 16, 2023, the US State Department announced a $10 million reward for information that would help capture Russian hacker Mikhail Matveyev. Read more here.

Georgia extradites Russian wanted by FBI to US, accused of hacking computers of tens of thousands of Americans

Georgia extradited to the United States a Russian wanted by the FBI, who is accused of hacking into the computers of tens of thousands of Americans. The press service of the Georgian prosecutor's office announced this on March 13, 2023. Read more here.

A resident of Ulyanovsk was sentenced to 8.5 years in prison for spreading a virus that stole 2.5 billion rubles

In mid-February 2023, it became known about the verdict to a resident of Ulyanovsk, Alexei Gulyaev, who, according to the investigation, was a member of the hacker group Lurk. He received a sentence of 8 years and 6 months in a general regime colony. Read more here.

The case of hackers who are accused of selling personal data of Russians on the dark web has been brought to court

The case of hackers accused of selling personal data of Russians on the darknet was referred to court. This became known on February 11, 2023.

They are charged with organizing a criminal community.

The indictment in a criminal case related to the trafficking of stolen personal data of Russians from the Federal Tax Service, the Pension Fund, the Ministry of Internal Affairs and banks on the darknet Marketplace Hydra Market was approved by the Russian Prosecutor General's Office.

Materials regarding the hackers involved in the case were transferred to the Vsevolozhsk City Court of the Leningrad Region for consideration of the case on the merits. Sergey Yurtsovsky, Andrey Sadyrev, Angelika Martynenko and Dmitry Lyubich are involved in the case. They are charged with organizing a criminal community, illegal access to computer information, and disclosure of information that constitutes tax and bank secrets.

During the specified period, they illegally gained access to information several times, copying it from the databases of the FTS, the FIU, the Ministry of Internal Affairs, the Credit History Bureau and banks. Information illegally obtained about more than 6.5 thousand individuals was then sold to customers.

They are accused of organizing a criminal community or participating in it (Parts 1, 2, 3 of Article 210 of the Criminal Code of the Russian Federation), of unlawful access to computer information (Part 4 of Article 272 of the Criminal Code of the Russian Federation), and of the illegal receipt and disclosure of information that constitutes tax and bank secrets (Part 3 of Article 183 of the Criminal Code of the Russian Federation).[2][3]

2022

A Russian convicted of cybercrime in the United States is deported to the Russian Federation

In December 2022, it became known about the upcoming deportation of Yuri Martyshev, who was convicted of cybercrime in the United States. This was told by his lawyer Alexei Tarasov. Read more here.

A Ukrainian hacker was detained in Switzerland, whom the FBI has been looking for for 10 years

On November 15, 2022, it became known that Vyacheslav Penchukov was arrested in Geneva: he is believed to be one of the leaders of the Zeus cybercriminal group. Read more here.

The Netherlands extradited to the United States a Russian accused of laundering money earned from cyber attacks

On August 17, 2022, it became known about the extradition of Denis Dubnikov from Holland to the United States. The Russian is accused of laundering money earned through cyber attacks. Read more here.

A court in Moscow arrested a hacker accused of hacking into the IT systems of Russian customs

As it became known on June 15, 2022, a court in Moscow placed hacker Oleg Rusakovich under house arrest, who, according to the investigation, together with "unidentified persons" hacked into the unified information system of the Federal Customs Service (FCS). Read more here.

Hacker convicted of installing malware in Cherepovets

On March 29, 2022, it became known that a hacker was convicted of installing malware in Cherepovets.

A 21-year-old resident of the Cherepovets district decided to cash in on Internet users. For several months, the young man remotely installed malware on other people's computers. The malware blocked the operation of the devices, and a message with the conditions for resuming work appeared on users' screens.

"The program displayed a pre-prepared text message on the user's screen with an offer to unlock the computer for a monetary reward in the form of a transfer to the attacker's crypto wallet," reports the press service of the FSB of the Russian Federation in the Vologda region.

The young man was engaged in this activity from August to October 2020. In total, the Cherepovets resident blocked more than a thousand computers, the press service of the FSB reports.

After the arrest, the young man pleaded guilty and provided the investigation with the necessary assistance. The criminal case was initiated on the facts of using programs designed to block information and neutralize protective equipment. The prosecution emphasized that the crime was committed by a hacker out of selfish interest.

Taking into account the admission of guilt and assistance to the investigation, the convict was sentenced to a year of suspended imprisonment with a probationary period of six months. The verdict entered into legal force.[4]

The leader of the Lurk group Konstantin Kozlovsky received 14 years in a maximum security colony

In mid-February 2022, the Kirovsky District Court of Yekaterinburg sentenced the alleged leader of the hacker group Lurk, Konstantin Kozlovsky, to 14 years in a strict regime colony with restriction of freedom for one year. He was found guilty under Part 1 of Article 210 of the Criminal Code of the Russian Federation ("Organization of a criminal community"), Part 3 of Article 272 of the Criminal Code of the Russian Federation ("Illegal access to computer information") and Part 4 of Article 159 of the Criminal Code of the Russian Federation ("Fraud in the field of computer information"). Read more here.

US authorities detained a Russian hacker who stole $71 million in bitcoins, which over time turned into $3.6 billion

In February 2022, US authorities seized about $3.6 billion in Bitcoin stolen during a break-in at Bitfinex in 2016 - the largest financial seizure in history - and arrested two people, the Justice Department said. Read more here.

2021

Russian in the United States received 4 years in prison for managing a service that hides viruses

In December 2021, Russian Oleg Koshkin in the United States received 4 years in prison for managing a service that hides viruses. Read more here.

Russian in the United States was given 5 years in prison for hosting for virus distributors

Russian Alexander Grichishkin in early December 2021 was sentenced to five years in prison in the United States for cyber fraud. The decision of the court in Michigan was reported by the US Department of Justice. Read more here.

South Korea extradites to US a hacker from Yakutia accused of infecting millions of computers around the world

South Korea extradited to the United States a Russian hacker from Yakutia, Vladimir Dunaev, who is accused of global cyber attacks. The US Department of Justice announced this at the end of October 2021. Read more here.

FBI confiscated $2.3 million in cryptocurrency from a hacker from Russia

On December 1, 2021, a court document was published, according to which, in August 2021, US law enforcement officers confiscated about $2.3 million in cryptocurrency related to ransomware attacks committed by a resident of Russia. Read more here.

The Russian "king of spam" in the United States was sentenced to the time already served and a fine of $3.5 million

In July 2021, Pyotr Levashov, whom the American media call the "king of spam," was sentenced in the United States to 33 months in prison on charges of computer fraud, theft of personal data and criminal conspiracy. However, the Russian has already served this term while in prison since 2018. At the same time, according to the court order, the programmer will have to pay $3.5 million in compensation for the damage caused. Read more here.

Spanish court sentenced Russian hacker to 4.5 years in prison

In mid-July 2021, the Spanish National Court of Justice sentenced Russian Denis Tokarenko to 4.5 years in prison for conducting hacker attacks and stealing about 5 million euros from financial institutions in Europe. Read more here.

A native of Rostov was arrested in Miami, who is accused of participating in a hacker group that stole tens of millions of dollars

In early June 2021, Alla Witte, a native of Rostov-on-Don, was arrested in Miami, who, according to US law enforcement agencies, is one of the founders of the largest hacker syndicate Trickbot. She is accused of participating in cybercrimes, fraud and identity theft worth tens of millions of dollars. Read more here.

US court sentenced Russian to 5 years for hacking companies' IT systems

The court of the Eastern District of New York sentenced Anton Bogdanov to five years in prison for tax fraud and hacker attacks. Also, the 35-year-old Russian will have to pay a fine of $476 thousand. This was announced on May 20, 2021 by the US Department of Justice. Read more here.

Hackers who robbed dozens of ATMs convicted in Russia

At the end of March 2021, the Industrial District Court of the city of Stavropol sentenced Mikhail Grinevich to 16 years in a maximum security colony for organizing a criminal group that hacked into the bank's computer systems and stole funds from ATMs. Grinevich's accomplices received from 6.5 to 9 years in prison, the FSB reports. Read more here.

Russian pleaded guilty to cyber attack on Tesla plant

On March 18, 2021, the Nevada federal prosecutor's office issued a statement according to which Yegor Kryuchkov pleaded guilty to a hacker attack on Tesla's IT systems. Read more here.

2020

Kemerovo resident convicted of cyber attacks on the CII of the Russian Federation

A Kemerovo resident was convicted of cyber attacks on the critical information infrastructure (CII) of the Russian Federation. This became known on November 27, 2020.

The hacker attacked the information resources of the government of Mordovia by neutralizing information protection tools.

The CII also includes automated control systems operating in the field of industry, healthcare, power, transport, communications.

The Kemerovo hacker attacked the information resources of the government of Mordovia by using malicious software to neutralize the means of protecting computer information contained at the CII facility, as well as on the information resources of the government of Mordovia.

The court found the attacker guilty under Part 1 of Article 273 of the Criminal Code of the Russian Federation ("Use of malicious computer programs designed to neutralize means of protecting computer information") and Part 1 of Article 274 of the Criminal Code of the Russian Federation ("Unlawful impact on the critical information infrastructure of the Russian Federation").

In November 2020, a bill was submitted to the State Duma of the Russian Federation providing for the introduction of administrative responsibility for violating the IT security of systems of significant CII objects. The amount of the fine for officials ranges from 10 thousand to 50 thousand rubles, and for legal entities - from 50 thousand to 100 thousand rubles.[5][6]

Russian sentenced to 8 years in prison for cyber fraud for $100 million

In early November 2020, the US District Court for the Eastern District of Virginia sentenced Russian Alexander Brovko to eight years in prison for cyber fraud, which caused $100 million in damage to companies. Read more here.

US court sentences Russian programmer to 7 years in prison for cyber attacks on large IT companies

At the end of September 2020, the Federal Court of the Northern District of California sentenced Russian Yevgeny Nikulin, found guilty of cybercrimes, to seven years and four months in prison. Read more here.

Russian hacker jailed for 9 years for selling stolen bank cards

On June 26, 2020, a federal court in the Eastern District of Virginia sentenced Russian hacker Alexei Burkov to nine years in prison for cyber fraud. Read more here.

Berlin demands EU sanctions against hackers from Russia

The German government has initiated in the EU a procedure for adding Russians involved in a hacker attack on the Bundestag in 2015 to a special European sanctions list. This became known on May 29, 2020.

The day before, State Secretary at the Ministry of Foreign Affairs Miguel Berger notified Russian Ambassador to Germany Sergei Nechaev of this intention of the German government in a face-to-face conversation.

On May 5, 2020, the Prosecutor General of Germany issued an arrest warrant for Russian citizen Dmitry Badin, who is suspected of having committed those hacker attacks on the Bundestag together with a group of persons not yet known by name.

A special regime of EU sanctions for sabotage activities in cyberspace was established in May 2019, but has never been applied. This regime, said Maria Adebar, "allows you to freeze bank accounts and property, as well as impose restrictions on the entry of listed persons or organizations."

The German government reserves the right to take additional measures along with adding suspects to the EU sanctions list, Adebar added, but did not specify which ones.

When asked when the Russian ambassador was last summoned to the German Foreign Ministry, Maria Adebar said that she could not recall such a case in recent years. At the same time, she drew attention to the wording of the diplomatic press release of May 28, which said that the Russian ambassador to Germany, Sergei Nechaev, was "invited" to talk to the German Foreign Ministry, and not "summoned." According to the international diplomatic protocol, "summoning" a foreign ambassador to the Foreign Ministry of the host country is a significantly sharper form of expression of indignation of the host party than "inviting" to talk.[7][8]

Kaspersky: the main hackers in the world speak Russian

The world's top hackers speak Russian, Kaspersky Lab CEO Yevgeny Kaspersky told the Russian news agency TASS in an interview.

According to the entrepreneur, Russia trains the world's best programmers, but such a situation has a downside - sometimes this leads to the emergence of strong hackers, the best in the world.

"If we take highly professional crime, all the main cyber villains speak Russian. The loudest classic story is Carbanak. If I'm not mistaken, 2014. A gang of Russian-speaking hackers - Russia, Ukraine, the Baltic states, Europe. For a couple of years, they, according to our estimates, took out a billion dollars," Kaspersky said.

The head of Kaspersky Lab noted that "the world's best programmers, software developers" and hackers could study at the same universities, but the result was different: if developers create something new, then cybercriminals break and destroy. Almost all hackers have the same motivation - "money, money, money," explained Evgeny Kaspersky.

"For example, one hacker writes a Trojan and sells it to others. They infect the victims, but they themselves do nothing else, handing access over to third parties. Those then pull out the data, eviscerate everything they can. Such, you know, painters and carpenters," he said.

Kaspersky once again recalled the Carbanak hackers, who, according to the entrepreneur, penetrated the infrastructure and did what they wanted. They created fake accounts, transferred money through their real ones, set up shell companies, paid bogus salaries. In effect, they ran the bank over the network. A three-level system was created where the performers did not know each other and communication was maintained only by phone. The hackers were the parent organization; in fact, they managed and hired traditional criminals, he said.[9]

Germany announced an international search for a Russian accused of cyber attacks on the Bundestag

In early May 2020, the Prosecutor General's Office of Germany issued an arrest warrant for Dmitry Badin, who is accused of cyber attacks on the Bundestag. The 29-year-old Russian has been put on the international wanted list. Read more here.

2019

Hackers who stole 21.7 million rubles from Almazergienbank convicted

In October 2019, the Supreme Court of Sakha replaced the suspended sentences of the hacker brothers Bulakhov, who hacked into a bank server and stole more than 21.7 million rubles from ATMs, with real prison terms.

The court eventually sentenced them to 6.5 years and 5.5 years in prison in a general regime colony. Earlier, the court of first instance imposed suspended sentences on the hackers: 8 and 7 years in prison.

The hackers gained access to Almazergienbank's control server. The brothers saw the amount of cash in the bank's ATMs, and also remotely monitored the issuance of cash. As a result, they took 21.7 million for themselves.

Member of the hacker group TipTop, which stole funds from bank cards, given a 2-year suspended sentence

On August 28, 2019, the company Group-IB announced that a member of a hacker group that had been attacking clients of the largest Russian banks for several years was sentenced in Chuvashia. The group, which received the working name TipTop, stole funds from citizens' bank cards using a malicious program. The member of the group was detained as a result of a special operation of the "K" department of the Ministry of Internal Affairs for the Chuvash Republic together with the "K" Department of the Ministry of Internal Affairs of Russia, with the assistance of Group-IB experts.

According to the company, the malware was spread by disguising it as popular applications for mobile devices. After the application was downloaded, malware was automatically installed on the victim's smartphone, giving the criminals access to the mobile banking system.

"This group received the working name TipTop. Its main target was clients of large Russian banks. To infect phones, the attackers disguised malware as mobile applications of well-known banks from the TOP-10, as well as the messenger Viber, the Google Play app store or Adobe graphics applications. The cybercriminals posted links to them on their own resources or on hacked legitimate sites. To increase the number of victims, the attackers bought ads in search engines for the query "mobile bank" and placed links to their resources there," said Sergey Lupanin, Head of Investigations at Group-IB.

After the user tried to download the application, the banking Android Trojan Hqwar (also known as Agent.BID) was installed on his smartphone. However, the group tried different tools and cash withdrawal schemes, making it difficult to attribute a particular attack. In 2015, the hackers used the mobile Android Trojan Hqwar (Agent.BID) to infect customers of Russian banks. From 2016 they used the Honli Trojan, and from February 2016 its upgraded version, detected by antiviruses as Asacub.g. In the same year, they tried to infect smartphones using the Trojan of their predecessors - Cron, which gave the group its name. At the same time, TipTop was armed with the CatsElite Trojan (MarsElite). In April 2017, they returned to using the Hqwar mobile banker (Agent.BID). In parallel with it, however, the group used Lokibot, as well as the modernized old Marcher Trojan (Rahunok). All the mobile Trojans the attackers used could intercept and read SMS, record telephone conversations and send USSD requests, but their main goal was to steal bank card data using phishing windows that copy the windows of legitimate applications, or using fake web pages for entering the logins and passwords of personal accounts in the Internet banking of popular banks. The servers from which the malware was distributed and the botnets were managed were located at different times in Germany, the USA and Ukraine.

In the course of operational-search measures, police officers found that a previously convicted 31-year-old resident of Krasnoyarsk was involved in the theft of funds from residents of the Chuvash Republic (75,000 rubles), transferring funds from users' accounts to accounts and cards of attackers.

The young man was detained. As a result of a search conducted by the police at the suspect's place of residence, computer equipment, hard drives, flash drives, phones and SIM cards were found and seized. According to the investigation, the detainee played the role of a filler of the TipTop group and directly transferred money from users' accounts to the accounts and cards of the attackers.

Investigators of the Russian Ministry of Internal Affairs department for the Kanash district of the Republic of Chuvashia opened a criminal case under Article 273 of the Criminal Code of the Russian Federation, "Creation, use and distribution of malicious computer programs." The case materials were then transferred to the Kanash District Court, which sentenced the accused to a 2-year suspended sentence.

"After the liquidation of the Cron group at the end of 2016, the group, which received the working name TipTop, which included a detained hacker, was one of the largest and most dangerous in Russia. With the help of Android Trojans, cybercriminals were able to infect more than 800,000 smartphones. Damage from their activities is established, but according to some estimates, they could steal from 100,000 rubles to 700,000 rubles daily. We first recorded their activities in 2015. In the course of long-term work, the operational services to which we transferred our developments managed to identify the victims in a number of regions of Russia," said Sergey Lupanin, Head of Investigations at Group-IB.

A resident of Chelyabinsk sentenced to 10 months of restriction of freedom for hacking payment systems

On June 20, 2019, it became known that the court sentenced a resident of Chelyabinsk to 10 months of restriction of freedom for hacking personal accounts in payment systems. The verdict was passed by the Central District Court of Chelyabinsk. This was reported by Interfax-Ural with reference to the press service of the court.

The investigation of the hacker was carried out by the regional department of the FSB. According to the investigation, a Chelyabinsk resident, using malware, hacked into users' personal accounts in payment systems and accounts in social networks. The FSB detained him even before he managed to steal money from the victims. Several people are involved in the case as victims.

The restriction of freedom consists in the fact that the convict does not have the opportunity to leave his home at certain times of the day, visit certain places, leave the city, change his place of residence and work, participate in mass events, etc.

The Chelyabinsk hacker was found guilty under Part 1 of Article 272 of the Criminal Code, which provides for liability for illegal access to computer information. This part provides for punishments such as a fine of up to 200 thousand rubles or in the amount of the convicted person's income for a period of up to 18 months, correctional labor for up to one year, or restriction of freedom for up to two years. Forced labor for up to two years or imprisonment for the same period is also possible.

In parallel, the hacker was convicted under Part 1 of Article 273, which provides for liability for the creation, use and distribution of malicious computer programs. This part provides for punishments such as restriction of freedom for up to four years or forced labor for the same period. In addition, imprisonment for the same period is possible, with a fine of up to 200 thousand rubles or in the amount of the convict's income for a period of up to 18 months.

As CNews notes, this is not the first time that a hacker in Russia has been sentenced to a relatively light punishment. In April 2019, a court sentenced a resident of the city of Balakovo, Saratov Region, to 12 months of compulsory work for hacking a site for making payments and paying for utilities in the Omsk Region. The site was hacked remotely in the fall of 2017. The attacker managed to obtain data giving access to the personal accounts of the site's users. He copied this data and also transferred user-owned bonuses totaling 2.1 thousand rubles to his own account.

After that, the young man contacted the owners of the site and told them that there was a vulnerability in the system. He promised to explain which one, and how to protect against it, if the owners of the site paid him for it. Instead of agreeing to his proposal, however, the organization appealed to law enforcement agencies. The FSB of Russia in the Omsk Region then began investigating the identity and activities of the hacker.

The hacker was convicted under Part 2 of Article 272 of the Criminal Code of Russia, which provides for liability for unlawful access to legally protected computer information if the act entailed modification or copying of computer information and was committed out of selfish interest. This part provides for much harsher punishments, up to imprisonment for up to four years.[10]

"Russian hackers" turned out to be the fastest in the world

CrowdStrike specialists confirmed this by calculating, to the second, how long it takes cybercriminals from different countries to hack. According to the CrowdStrike report on hacking speed[11][12], the Russians surpass the Iranians, North Koreans and Chinese, who were also included in the list of the most highly qualified hackers[13].

By the speed of hacking, the researchers mean the time between the penetration of cybercriminals into the network and the beginning of data theft. The speed of the hack is of huge importance to the success of the operation, as modern technologies make it possible to detect and repel cyber attacks faster than ever before. The faster the attacker enters the network, the more time he will have to steal data before the attack is detected.

To determine hacking speed, the researchers analyzed 30,000 cyber attacks carried out in 2018. According to the researchers, Russian cybercriminals take only 18 minutes and 49 seconds to go from gaining access to the attacked network to spreading through it, almost eight times less than the North Koreans, who rank second in hacking speed. In third place were the Chinese, who take 4-5 hours to hack, twice as long as the North Koreans.

2017: Mark Vartanyan extradited to US, faces trial

Russian hacker Mark Vartanyan, extradited from Norway to the United States, appeared in court on March 14. Vartanyan, also known as Kolypto, is accused of developing and implementing the malicious Citadel program. The defendant does not admit his guilt. Citadel infected approximately 11 million computers worldwide and caused more than $500 million in damage.

The Russian was extradited to the United States in December 2016. Russian Foreign Ministry spokeswoman Maria Zakharova said in a tweet that by approving a request to extradite a Russian citizen to the United States, Norway violated international law.

The court was told that Citadel was intended to infect computer systems and steal personal data and bank account details. Since 2011, the virus has been sold on a restricted basis on Russian-language forums popular among cybercriminals. Attackers who used Citadel attacked the computer networks of financial and government institutions around the world, including several organizations in the United States. Vartanyan, who was in Ukraine from August 2012 to January 2013 and then moved to Norway in 2014, allegedly participated in the creation, improvement, technical support and spread of the dangerous virus.

He was charged for two periods - between August 21, 2012 and January 9, 2013, and then between April 9 and June 2, 2014: during these periods, according to the prosecution, Vartanyan uploaded numerous files with Citadel components, updates and patches to the Web, as well as technical instructions for users.

For all his actions, Vartanyan faced a term of up to 25 years. Under the terms of the deal with the investigation, Vartanyan pleaded guilty in exchange for reducing the maximum term to 10 years and for a fine of up to $250 thousand. At the same time, the prosecution promised not to demand a period exceeding 60 months (that is, five years).

Interestingly, the agreement separately stipulates the possibility of bringing the defendant to work "undercover."

2016

Russians entered the list of most wanted FBI cybercriminals

On March 14, 2016, DarkReading.com published an article[14] about the cybercriminals most wanted by the FBI worldwide. A large reward is offered for help in capturing these people, who are accused of cyber races, surveillance and fraud.


Evgeny Mikhailovich Bogachev

Nickname: "lucky12345," "slavik," "Pollingsoon"
Nationality: Russian
Age: 32
Wanted for: creating the GameOver Zeus botnet, which led to losses of more than $100 million
Last known location: Anapa, Russia
Reward: $3 million

Alexey Belan

Alias: Abyr Valgov
Nickname: "Abyrvaig," "Fedyunya," "Magg," "M4G," "Moy.Yawik"
Nationality: Latvian
Age: 28
Wanted for: stealing large corporate customer databases; identity theft
Last known location: Athens, Greece
Reward: $100,000

Ivan Viktorovich Klepikov

Nickname: "petr0vich," "nowhere"
Nationality: Russian
Age: Unknown
Wanted for: one of three members of a criminal group that used Zeus to steal bank credentials and make illegal transfers
Last known location: Russia or Ukraine
Reward: No

Alexey Dmitrievich Bron

Nickname: "thehead"
Nationality: Russian
Age: Unknown
Wanted for: one of three members of a criminal group that used Zeus to steal bank credentials and make illegal transfers
Last known location: Russia or Ukraine
Reward: No

Vyacheslav Igorevich Penchukov

Nickname: "tank," "father"
Nationality: Russian
Age: Unknown
Wanted for: one of three members of a criminal group that used Zeus to steal bank credentials and make illegal transfers
Last known location: Russia or Ukraine
Reward: No

Full list in the article Hackers.

The creator of the blog "Humpty Dumpty" Vladimir Anikeev detained by the FSB

The Russian FSB in October 2016 arrested Vladimir Anikeev, the creator of the Humpty Dumpty blog. Lewis (Anikeev's network nickname) is accused of involvement in many computer hacks.

The creator of the Humpty Dumpty resource was detained by the Federal Security Service of Russia in October 2016. Vladimir Anikeev (network nickname: Lewis) is charged with cyber fraud, after which the blog, starting in 2014, published the electronic correspondence of many high-ranking officials, CNews reports.

Humpty Dumpty published e-mail, Telegram correspondence and "cloud data" from the smartphones of Prime Minister Dmitry Medvedev, Deputy Prime Minister Arkady Dvorkovich, the Prime Minister's press secretary Natalya Timakova, the head of Roskomnadzor Alexander Zharov, the head of the Accounts Chamber Tatyana Golikova, and other officials and heads of state structures. In 2014, Roskomnadzor blocked access to the resource in Russia, but the blog continued to operate and in 2015 began to offer stolen information through an auction. In the summer of 2016, the correspondence of Vladislav Surkov, assistant to the head of state, was published on the resource. While all the previous data had been obtained by hackers from public servers (Mail.ru, Yandex, Gmail), Surkov's correspondence was stolen both from Mail.ru and from a service address in the gov.ru domain, and contained information about the access system inside the Kremlin, which is a state secret.