Russian Hackers Feel The Heat

When Alexander Vinnik was arrested on money-laundering charges at a Greek hotel in late July, the status of his Jabber secure online messaging account was set to “away”.

“He often takes some time to reply, so at first I didn’t think anything of it,” said one person who knew the Russian as an administrator of a digital currency exchange which US prosecutors say was used to launder criminal funds.

“Then when I saw his picture on the news, I knew he would be ’away’ for a long time,” said the person, who spoke on condition of anonymity.

The US Justice Department says Vinnik facilitated crimes including computer hacking, fraud and drug trafficking by laundering at least $4 billion through BTC-e, an exchange used to trade bitcoin and other digital currencies, since 2011.

The 37-year-old faces up to 55 years in prison if extradited to the United States. He denies the allegations against him, according to Greek media reports, and BTC-e has said he never worked for the exchange. Reuters was unable to reach BTC-e or a lawyer representing Vinnik for comment.

Vinnik is now one of seven Russians arrested or indicted on US cyber-crime charges this year. On average, just two Russian cyber criminals were extradited to the United States each year between 2010 and the start of this year, according to a Reuters review of US Justice Department filings, Russian government statements and sources briefed on the matter.

The increase to a record level shows that although President Donald Trump is trying to improve relations with Moscow, the United States has not shied away from pursuing Russians suspected of cyber-crime.

The prosecutions coincide with intensified scrutiny of Russian hackers since US intelligence officials determined that Russia interfered in the 2016 … presidential election using cyber warfare methods to help Trump.

The Kremlin has denied accusations it interfered in elections in the United States or elsewhere.

But US opposition lawmakers have questioned whether Trump is willing to respond forcefully to Moscow over its actions in cyberspace, and the White House has avoided publicly accusing Russia over recent politically-motivated hacking attacks.

Alarmed by Trump’s proposal to create a joint US-Russia cyber security unit, US lawmakers have also drawn up a draft bill that would require him to notify lawmakers before he does so.

Four US federal law enforcement officials, who discussed the recent arrests with Reuters on condition of anonymity, said there had been no centralised effort to step up action against Russian cyber criminals under Trump.

The increase in the number of arrests stemmed from breakthroughs made in investigations before last year’s election, two of them said.

The FBI referred all questions to the US Justice Department. The Justice Department said it did not track arrests or indictments by nationality and declined further comment.

Russian Hackers Rattled

Some US officials, however, acknowledged that individual agents may now be more motivated to move against Russian cyber criminals following the election hacking scandal.

Russian hackers are active at all levels of cyber crime, from small-time thefts of online banking details, to taking down the computer networks of multi-national companies and government departments.

John Carlin, who until last October ran the national security division of the US Justice Department as assistant attorney general, said resources had already been moving towards pursuing Russian nationals before the 2016 election.

But he added: “Their outrageous activity to undermine the integrity of our election, like they did in western Europe before and have done since, can only have added fuel to the fire.”

According to interviews with five people who knew the men arrested this year, all of whom declined to be named for fear of prosecution, the arrests have shaken the Russian cyber-crime community.

“Now they are arresting even those who had a super indirect, not even direct connection to what they call influencing their election,” said one who knew Vinnik by his online moniker WME.

Used to operating across borders with relative impunity, Russian cyber criminals are now worried the prosecutions will lead to further arrests or harm their operations.

They are cutting back on trips abroad that were once seen as a calculated risk because of the risk of arrest and extradition, but are now viewed as increasingly foolhardy.

“We have monitored criminals discussing the aftermath (of the arrests) ... and it is clear they are concerned about two things,” said Ilya Sachkov, head of cyber security firm Group-IB, whose Threat Intelligence unit specialises in monitoring and tracking the Russian-speaking cyber-crime community.

"First, what the arrested members potentially know about them, but second and more importantly, a disruption in their ability to make money."

One of those arrested this year was Peter Levashov, charged by US prosecutors with operating one of the world's largest botnets, or networks, of infected computers used by cyber criminals. He denies the charges.

Levashov allegedly used the botnet to pump out spam emails for a multitude of criminal schemes, such as stock fraud, online credential phishing attempts and the distribution of malware, including ransomware.

A person who knew Levashov by his online identity Severa said his arrest in particular had rattled underground cyber-criminal circles because he was so well known.

"People read the news of course and see guys they know getting busted," the person said. "Once is bad, this many times is scary."

Reuters:

You Might Also Read:

Russian Arrested For $4billion Bitcoin Theft:

Putin Applauds Patriotic Russian Hackers:

Trump’s Joint Cybersecurity Unit With Russia – It’s Not Happening:

 

« Online Privacy Makes A GDPR Comeback
UK Deal With EU On Post-Brexit Data Sharing »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

DataCore Software

DataCore Software

DataCore Software is a leader in Software-Defined Storage. Solutions offered include back up and disaster recovery.

Avast Software

Avast Software

Avast Software is a security software company that develops antivirus software and internet security services.

IT Association of Slovakia (ITAS)

IT Association of Slovakia (ITAS)

ITAS is a professional association of domestic and foreign companies operating in the field of information and communication technologies

CybergymIEC

CybergymIEC

CybergymIEC is a global leader in cyber defense solutions and training services.

AlertFusion

AlertFusion

AlertFusion is a platform that makes security operations more effective. It complements existing tools and technologies, unifies operations, enhances process maturity and drives efficiencies.

TAG Cyber

TAG Cyber

TAG Cyber's mission is to provide world-class cyber security research, advisory, and consulting services to enterprise security teams around the world.

Kainos

Kainos

Kainos is a leading provider of Digital Services and Platforms. Our services include Digital Transformation, Cyber Security, Cloud, AI, IoT and more.

Communicate Technology

Communicate Technology

Communicate Technology are IT, telecoms and cyber-security specialists, keeping over 500 businesses and 50,000 users connected and secure across the UK.

Gomboc.ai

Gomboc.ai

Gomboc solve cloud infrastructure security policy deviations by providing tailored remediations to the IaC (Infrastructure as Code).

RapidSpike

RapidSpike

RapidSpike is the only website monitoring solution that focuses all three key aspects of website health: performance, reliability AND security.

Cybervergent

Cybervergent

Cybervergent (formerly Infoprive) are a leading cybersecurity technology company in Africa. We provide cybersecurity guidance and solutions that help protect your business.

Texaport

Texaport

Texaport's vision is to be the trusted partner of choice for organisations seeking comprehensive IT management and cutting-edge security solutions.

Amnet Technology Solutions (Amnet Systems)

Amnet Technology Solutions (Amnet Systems)

Amnet Systems is a technology services organization that provides Managed IT, Cloud Computing, Cyber Security, Data Center and Audio Visual services since 1995.

Aurascape AI

Aurascape AI

Aurascape is working on advanced cybersecurity solutions powered by grounds-up generative AI architecture.

Anthropic

Anthropic

Anthropic is a Public Benefit Corporation, whose purpose is the responsible development and maintenance of advanced AI for the long-term benefit of humanity.

Palindrome Technologies

Palindrome Technologies

Palindrome Technologies help clients defend against cyberattacks across all attack surfaces, including hardware, software, network-to-cloud, people, and emerging technologies.