close
close

Russian accused of stealing Americans’ data and demanding ransom

Russian accused of stealing Americans’ data and demanding ransom

According to a press release from the Office of Public Affairs of the Department of Justice, the Department of Justice has unsealed an indictment against a Russian who was accused of gaining access to Americans’ confidential information and then holding it for ransom.

The indictment says Aleksandr Viktorovich Ryzhenkov, 31, allegedly began working with co-conspirators in 2017 and used a variant of ransomware called BitPaymer to gain unauthorized access to information stored on victims’ computers in Texas and across the country.

The indictment alleges that Ryzhenkov and others used various techniques to gain access to victims’ computers, including “phishing campaigns, malware and the exploitation of vulnerabilities in computer hardware and software.”

A man sits in front of his computer, which is infected with a fictitious encryption Trojan – a form of ransomware, photographed on February 25, 2022. The indictment of a Russian citizen has just been declassified and…


Lino Mirgeler/Associated Press

Prosecutors say Ryzhenkov and his co-conspirators encrypted the stolen files to prevent them from accessing them and left an electronic note on the victims’ systems containing a ransom demand and information on how to contact them to begin negotiations.

The indictment further alleges that Ryzhenkov and his co-conspirators then demanded that the victims pay a ransom in order to obtain the decryption key.

A federal arrest warrant for Ryzhenkov was issued on March 22, 2023, in Texas after charging him with conspiracy to commit fraud and related computer activity, willful injury to a protected computer; according to the FBI arrest warrant, transmitting a demand in connection with damage to a protected computer and conspiracy to launder money.

Ryzhenkov has various aliases, including Aleksandr Viktorovich Ryzhenkov, Mrakobek, Jdm0rr1s0n, Jim Morrison, Lizardking, Guester, G, Kotosel and Anonymem, and is believed to be in Russia, possibly in Moscow, according to the FBI.

In addition to unsealing the indictment, the Justice Department announced that Ryzhenkov had been placed on a list of specially designated nationals that bars them from accessing real estate, real estate interests or engaging in transactions with U.S. financial institutions.

In a press release, the Treasury Department said that Ryzhenkov is the deputy of Maksim Viktorovich Yakubec, the founder and leader of Evil Corp, a cybercrime group based in Russia.

Regarding the release of the indictment, in a statement included in the DOJ press release, Deputy Attorney General Lisa Monaco stated: “The Department of Justice is using every tool at its disposal to attack the ransomware threat from every angle. Today’s charges against Ryzhenko detail how he and his conspirators stole sensitive information from innocent Americans and then demanded ransom. By working with law enforcement agencies at home and around the world, we will continue to put victims first and show criminals that ultimately they will pay for it. their crimes.”

According to Statista, between 2017 and 2023, the total amount of money received by ransomware actors was $1.1 billion.

Do you have a story we should cover? Do you have any questions about this article? Contact [email protected].