One Of The World’s Most Prolific Cybercriminals Arrested, Extradited To The US
Read also: Police dismantle the Radar/Dispossessor ransomware group, a data broker gets a prison sentence, and more.
Hackers behind Reveton, Ransom Cartel, and Angler could face up to 57 years in prison
Maksim Silnikau, a notorious Russian-speaking cybercriminal, has been arrested as part of an international law enforcement operation and extradited to the United States. Silnikau, 38, originally from Belarus and known by aliases such as ‘J.P. Morgan’ and ‘lansky,’ was apprehended in Estepona, Spain, on July 18, 2023.
Silnikau is accused of masterminding a global cybercrime network responsible for developing and distributing ransomware strains like Reveton and Ransom Cartel. His network, which has been active since at least 2011, is believed to have extorted tens of millions of dollars from victims worldwide.
On August 9, 2024, Silnikau was extradited from Poland to the US, where he faces multiple charges related to cybercrime. He is credited with pioneering the ransomware-as-a-service model, which extorted approximately $400,000 per month through schemes like Reveton, which impersonated law enforcement to lock victims' devices until a ransom was paid. Silnikau's network also created the Angler Exploit Kit, a tool for conducting sophisticated malvertising campaigns estimated to have generated around $34 million annually at their peak. The campaigns reportedly affected over half a billion victims globally.
Silnikau, along with his accomplices, Volodymyr Kadariya and Andrei Tarasov, faces charges in the US for running malvertising operations and using the Angler Exploit Kit from 2013 to 2022. If convicted, they could face up to 57 years in prison.
WWH-Club credit card market admins arrested in the US after extravagant spending spree
US law enforcement has arrested two key figures in the WWH-Club stolen credit card marketplace after they engaged in a lavish cash spending spree in Florida. The suspects, Russian national Pavel Kublitskii and Kazakhstan native Alexandr Khodyrev, were taken into custody for their alleged roles in running and moderating the cybercrime platform.
The WWH-Club, a Dark Web forum that has been in operation since 2012, specializes in selling stolen credit cards, personal information, and information-stealing malware. It also offers training programs to aspiring cybercriminals and operates an escrow service for transactions involving cryptocurrency mixers to obscure money trails. The platform reportedly boasts 170,000 users.
According to the arrest affidavit, Kublitskii and Khodyrev, who have ties to other illicit platforms such as Skynetzone, Opencard, and Center-Club, had moved to Florida in recent years. They attracted the attention of the IRS by spending large sums of money while claiming to be unemployed and seeking asylum in the US.
Kublitskii and Khodyrev are said to have been involved in the day-to-day operations of WWH-Club under the shared profile name 'Makein,' including enforcing platform rules, managing infrastructure, providing transaction guidance, promoting cybercrime training programs, and overseeing Bitcoin wallets linked to membership fees and training course payments. The duo now faces multiple charges, including fraud and trafficking and possession of unauthorized access devices. Each of these violations carries a maximum sentence of 10 years in prison.
Police dismantle the Radar/Dispossessor ransomware group
The US Federal Bureau of Investigation (FBI) announced the takedown of the notorious ‘Radar/Dispossessor’ ransomware operation. The effort, conducted in collaboration with international law enforcement agencies, resulted in the dismantling of the gang's infrastructure across the United States, the United Kingdom, and Germany.
The operation led to the seizure of multiple servers and domains used by the group. Specifically, authorities seized three servers in the US, three in the UK, 18 in Germany, eight US-based domains, and one German-based domain. The coordinated effort involved the UK's National Crime Agency, the Bamberg Public Prosecutor’s Office, the Bavarian State Criminal Police Office (BLKA), and the US Attorney’s Office for the Northern District of Ohio.
The FBI named the mastermind behind the operation, identifying them as ‘Brain.’ Active since August 2023, the group targeted small to mid-sized businesses across various sectors. The targets included production, development, education, healthcare, financial services, and transportation industries.
Although Radar/Dispossessor initially focused on US entities, investigations revealed the group's global reach, with attacks on 43 companies worldwide. Victims were reported in countries including Argentina, Australia, Belgium, Brazil, Honduras, India, Canada, Croatia, Peru, Poland, the United Kingdom, the United Arab Emirates, and Germany.
A data broker sentenced to 40 months for selling stolen financial info on the Dark Web
Georgy Kavzharadze, a 27-year-old Russian national from Moscow, has been sentenced to 40 months in a US prison for selling stolen financial information, such as login credentials and personally identifying information (PII), on the Dark Web.
Operating under the aliases ‘TeRorPP,’ ‘Torqovec,’ and ‘PlutuSS,’ Kavzharadze listed for sale over 600,000 stolen login credentials on the underground cybercrime platform Slilpp between July 2016 and May 2021. He sold nearly 300,000 of those credentials.
The marketplace was shut down in June 2021 as a result of a coordinated effort between the FBI and international law enforcement partners. The police seized Slilpp's infrastructure and domain names and obtained a database containing detailed records of transactions, vendors, and customers on the platform.
Kavzharadze was formally charged on August 24, 2021, with multiple offenses, including conspiracy to commit bank fraud and wire fraud, bank fraud, access device fraud, and aggravated identity theft. He was extradited to the US in May 2022 and pleaded guilty in February 2024. Alongside the prison term, the data broker was ordered to pay restitution amounting to over $1.2 million.
Turkey dismantles a cybercrime ring that stole personal data from thousands of individuals worldwide
The Turkish National Intelligence Organization (MIT) has disrupted a sophisticated global cyber espionage network responsible for stealing personal data from thousands of individuals worldwide.
The operation, carried out in coordination with the Turkish Gendarmerie General Command and the National Cyber Incident Response Center (USOM), was initiated as part of an investigation led by the Ankara Chief Public Prosecutor's Office. It is said that the network had deep international connections and was actively sharing stolen personal data with various entities, including terrorist organizations.
During the operation, 11 suspects were arrested in multiple locations across Turkey, and numerous websites associated with the espionage network were taken down. The websites were used by the criminals to distribute the stolen data and communicate with the members of the group and their affiliates.
All 11 suspects face multiple charges, including “illegally obtaining or distributing personal data,” “unauthorized access to a computer system,” and “illegally obtaining documents related to state security.”