A 26-year-old from St. Petersburg, Russia, has been sentenced to nine years in federal prison for hacking charges in the Southern District of Indiana and the Eastern District of Pennsylvania.
According to a news statement from the US Department of Justice, Aleksei Volkov was convicted and sentenced for assisting major cybercrime groups in carrying out many attacks on US businesses and organizations. Volkov is responsible for orchestrating dozens of ransomware assaults around the country, resulting in more than $9,000,000 in actual losses and $24,000,000 in predicted losses.
Authorities in Rome, Italy, apprehended Volkov, according to the announcement. He was extradited to the United States, where he pleaded guilty to charges including unlawful transfer of a means of identification, trafficking in access information, access device fraud, and aggravated identity theft, as well as two counts from the Eastern District of Pennsylvania indictment: conspiracy to commit computer fraud and conspiracy to commit money laundering.
According to court documents, Volkov worked as a “initial access broker,” which is someone who specializes in getting unauthorized access to corporate computer networks and systems. They can then sell this access to those that commit cyberattacks.
Volkov stated in his plea that he and his co-conspirators hacked into multiple victims’ computer networks, stole their data, deployed ransomware, demanded millions of cryptocurrency payments in exchange for restoring access to the data, and distributed the ransom payments among themselves. Volkov agreed to pay full restitution to the victims, including a minimum of $9,167,198.19 in compensation for known victims’ actual losses. Volkov was also ordered to forfeit the equipment used in his crimes.
“This conviction sends a strong message: the FBI will relentlessly pursue cybercriminals who target U.S. companies and consumers,” said FBI Indianapolis Special Agent in Charge Timothy J. O’Malley. “We are taking these criminals off the streets, disrupting global extortion networks, and defending American businesses and citizens from cyber threats.”