The Global Pursuit of Russian Hackers
Since 2010, US special services have arrested at least ten Russian hackers worldwide. Some are already in American prisons, others await a verdict, and one hacker was released and returned to Russia.
These Russian hackers often face accusations of executing some of the “biggest attacks” in history, causing damage worth hundreds of millions of dollars. Most of them have ties to Russian special services and authorities. The Russian Foreign Ministry refers to such arrests as “abductions.” Meduza’s special correspondent, Daniil Turovsky, reveals four stories about hackers the US intelligence managed to hunt down.
Efforts of US Intelligence to Capture Russian Hackers
The US intelligence community has invested significant resources into tracking and capturing Russian hackers. These operations often involve close collaboration between agencies, including the FBI, CIA, NSA, and international law enforcement bodies like Interpol. The process typically involves extensive cyber surveillance, international cooperation, and diplomatic negotiations. Here are some critical elements of their efforts:
Cyber Surveillance and Intelligence Gathering
US intelligence agencies employ advanced cyber surveillance techniques to monitor suspected hackers. This involves tracking online activities, intercepting communications, and analyzing digital footprints. Cyber intelligence units continuously scan the dark web and hacker forums to gather actionable intelligence on the latest cyber threats and the individuals behind them.
International Cooperation
Capturing hackers operating from foreign countries requires international cooperation. US agencies work closely with counterparts in other countries to share intelligence and coordinate operations. Extradition treaties are crucial in bringing suspects to the US to face justice. In some cases, as seen with Roman Seleznev and Andrei Tyurin, US authorities have negotiated directly with foreign governments to secure arrests.
Diplomatic Negotiations
Diplomatic channels are often utilized to facilitate the arrest and extradition of high-profile hackers. The US State Department and Department of Justice negotiate with foreign governments, sometimes offering incentives or leveraging diplomatic pressure to gain cooperation. These efforts are critical when dealing with countries that do not have extradition treaties with the US.
Technological Expertise
The US intelligence community employs the world’s most skilled cybersecurity experts. These professionals use cutting-edge technology to penetrate cybercriminal networks, decrypt communications, and gather evidence. Their expertise is crucial in identifying and locating hackers who use sophisticated methods to hide their activities.
Legal Framework
The US has robust cybercrime laws that empower law enforcement agencies to pursue cybercriminals aggressively. These laws provide the legal basis for operations, including issuing international arrest warrants and prosecuting foreign nationals. The US justice system also supports lengthy prison sentences for convicted cybercriminals, serving as a deterrent.
Roman Seleznev
The Explosion in Marrakech
On April 28, 2011, the bustling Jama El Fna Square in Marrakech, Morocco, saw Roman Seleznev among its many passers-by. A strong man with a three-day stubble, Seleznev was told to wear a suit before being admitted to the hotel restaurant for breakfast. Without a case, he and his wife went to the nearest cafe. The waiter, however, said he could serve them in 30 minutes. When the couple agreed to wait, the waiter mysteriously replied, “Bad idea.” Shortly after, an explosion thundered in the cafe.
Seleznev regained his senses only for a bit of a while amidst white smoke pouring from the destroyed building and bodies covered in blood. Terrorists had left two briefcases with explosives in the cafe, detonating them with a mobile phone and killing 17 people. Although Moroccan authorities blamed the attack on Al-Qaeda, the organization refused responsibility.
Life-Altering Injuries
Seleznev survived but fell into a coma. Doctors told his wife and father, Valery Seleznev, a State Duma deputy from the LDPR, that survival was doubtful, and if he did, he would be a “vegetable for life.” Valery arranged his son’s transportation to Moscow, where a priest baptized Seleznev without his knowledge while he was in a coma. Two weeks later, Seleznev recovered, and a year of healing ensued, including a titanium plate replacing part of his skull. His marriage ended, and his wife moved to the US.
nCux from Vladivostok
Born in Vladivostok in 1984, Seleznev lived a challenging life. After his parents’ divorce, he lived with his grandmother and got a job in a computer club. He studied programming independently and began hacking databases at 18, initially stealing documents and later credit card numbers. Operating under the name nCux, he became one of the world’s most prominent sellers of stolen cards by 2009.
Making Money
Seleznev hacked the processing systems of small businesses in the US, using vulnerabilities to copy all card operations. By 2009, he had become a primary seller of stolen cards, targeting small snack bars in Washington and other US cities due to their poor security. The US special services started watching him in 2005, and by 2009, FBI agents had evidence linking him to the nCux identity.
The US Intelligence Network in Action
In May 2009, FBI agents met with FSB officers in Moscow, who provided evidence of Seleznev’s activities. Seleznev soon announced his departure from the business but continued his activities under new nicknames. He opened an online store for stolen cards, revolutionizing the carder market. After nearly dying in an explosion in Morocco, he continued his criminal activities under the nickname 2Pac.
Arrest in the Maldives
In July 2014, Seleznev went to the Maldives, where FBI agents, with the help of local authorities, detained him. They transported him to Guam and then Seattle, where he faced trial. The US prosecutor called him the most severe cybercriminal ever brought to justice, estimating his damage at $170 million. He was sentenced to 27 years, the most extended period ever given for cybercrime in the US.
Dmitriy Smilianets (Brave – Bold)
The Rise of Moscow Five
Dmitriy Smilianets, head of the successful Russian cybersport organization Moscow Five, announced in 2012 that businessman Sergey Matvienko would curate the team. Smilianets was deeply involved in politics and publicly supported Vladimir Putin. However, he and his friend Vladimir Drinkman began hacking financial networks, stealing about 160 million credit cards and causing $300 million in damage.
Arrest in Amsterdam
In July 2013, US special services found Smilianets in Amsterdam and arrested him, along with Drinkman. Smilianets agreed to extradition to the US, while Drinkman fought for two and a half years. Both eventually pleaded guilty and faced long prison terms.
Maxim Yakubets (Evil Corp Leader)
The Lavish Life of a Cybercriminal
Maxim Yakubets, also known as “Aqua,” led the infamous hacking group Evil Corp, responsible for some of the most damaging cyberattacks globally. The group’s primary tool, the Dridex malware, infected banks and financial institutions, causing over $100 million in losses. Yakubets operated from Moscow and enjoyed a lavish lifestyle, including owning multiple luxury cars.
The Largest Bounty
In December 2019, the US Department of Justice unsealed charges against Yakubets and his co-conspirator, Igor Turashev. Yakubets, who reportedly worked for the FSB, remains at large in Russia, which does not extradite its citizens to the US. The US Treasury Department placed a $5 million reward for information leading to Yakubets’ arrest, the largest-ever bounty for a cybercriminal.
Alexey Belan
The Yahoo Breach
Alexey Belan, a notorious Russian hacker, is responsible for numerous data breaches, including theft from millions of Yahoo accounts. Between 2013 and 2014, Belan hacked into Yahoo’s networks, stealing information from at least 500 million user accounts. He then sold this information on the dark web.
Safe in Russia
The US Department of Justice charged Belan with multiple counts of hacking and conspiracy, but he remains in Russia. Despite being one of the FBI’s most-wanted cybercriminals, Russian authorities have not acted on US requests for his extradition.
Andrei Tyurin
The JPMorgan Chase Hack
Andrei Tyurin was extradited from Georgia to the US in 2018 to face charges related to his involvement in one of the largest cyber thefts in history. Tyurin was part of a hacking ring that infiltrated JPMorgan Chase, one of America’s largest banks, stealing the data of over 80 million customers. He also targeted other financial institutions, brokerage firms, and economic news publishers.
Extradition and Sentencing
In 2019, Tyurin pleaded guilty to multiple charges, including computer intrusion and wire fraud. He was sentenced to 12 years in prison, marking a significant victory for US law enforcement in the fight against international cybercrime.
Aleksandr Panin (Gribodemon)
The SpyEye Malware
Aleksandr Panin, known online as “Gribodemon,” developed the SpyEye malware, which targeted banking systems and financial institutions worldwide. SpyEye allowed cybercriminals to steal sensitive information, such as banking credentials and credit card numbers, resulting in hundreds of millions of dollars in losses.
Arrest and Conviction
Panin was arrested in the Dominican Republic in 2013 and extradited to the US. He pleaded guilty to conspiracy to commit wire and bank fraud and was sentenced to over nine years in prison. His arrest and conviction disrupted a major cybercriminal enterprise and highlighted the international reach of US cybercrime investigations.
Peter Levashov (Peter Severa)
The Kelihos Botnet
Peter Levashov, also known as “Peter Severa,” was a crucial player in the global spam and malware distribution networks. He operated the Kelihos botnet, which infected hundreds of thousands of computers worldwide, sending spam emails and stealing sensitive information.
International Cooperation
In 2017, Levashov was arrested in Spain at the request of US authorities. He was extradited to the US, where he faced charges of wire fraud, identity theft, and conspiracy. Levashov’s arrest and dismantling of the Kelihos botnet were significant blows to the cybercriminal ecosystem.
Aleksandr Andreevich Panin (Russian hacker-for-hire)
The Rise of SpyEye
Aleksandr Andreevich Panin, known for his involvement in various high-profile cybercrimes, specialized in developing and distributing malware. Panin’s “SpyEye” Trojan targeted banking and financial systems, enabling criminals to steal millions of dollars.
Arrest and Cooperation
In 2013, Panin was arrested in the Dominican Republic and extradited to the US, where he was charged with conspiracy to commit wire and bank fraud. His arrest was a major victory for international law enforcement, disrupting a significant cybercriminal network and showcasing the global cooperation needed to combat cybercrime effectively.
Conclusion
These stories of Russian hackers illustrate the complex and high-stakes world of international cybercrime. The continuous clash between hackers, authorities, and governments on a digital battlefield emphasizes the need for global cooperation and advanced cybersecurity measures to combat this growing threat. The relentless pursuit and capture of these cyber criminals by US special services demonstrate the importance of vigilance and resilience in the fight against cybercrime.
If you would like to work with a professional team that can help make your transition to a life of freedom, contact Amicus Int. for New Identity services today.