Russian Hackers Feel The Heat

When Alexander Vinnik was arrested on money-laundering charges at a Greek hotel in late July, the status of his Jabber secure online messaging account was set to “away”.

“He often takes some time to reply, so at first I didn’t think anything of it,” said one person who knew the Russian as an administrator of a digital currency exchange which US prosecutors say was used to launder criminal funds.

“Then when I saw his picture on the news, I knew he would be ’away’ for a long time,” said the person, who spoke on condition of anonymity.

The US Justice Department says Vinnik facilitated crimes including computer hacking, fraud and drug trafficking by laundering at least $4 billion through BTC-e, an exchange used to trade bitcoin and other digital currencies, since 2011.

The 37-year-old faces up to 55 years in prison if extradited to the United States. He denies the allegations against him, according to Greek media reports, and BTC-e has said he never worked for the exchange. Reuters was unable to reach BTC-e or a lawyer representing Vinnik for comment.

Vinnik is now one of seven Russians arrested or indicted on US cyber-crime charges this year. On average, just two Russian cyber criminals were extradited to the United States each year between 2010 and the start of this year, according to a Reuters review of US Justice Department filings, Russian government statements and sources briefed on the matter.

The increase to a record level shows that although President Donald Trump is trying to improve relations with Moscow, the United States has not shied away from pursuing Russians suspected of cyber-crime.

The prosecutions coincide with intensified scrutiny of Russian hackers since US intelligence officials determined that Russia interfered in the 2016 … presidential election using cyber warfare methods to help Trump.

The Kremlin has denied accusations it interfered in elections in the United States or elsewhere.

But US opposition lawmakers have questioned whether Trump is willing to respond forcefully to Moscow over its actions in cyberspace, and the White House has avoided publicly accusing Russia over recent politically-motivated hacking attacks.

Alarmed by Trump’s proposal to create a joint US-Russia cyber security unit, US lawmakers have also drawn up a draft bill that would require him to notify lawmakers before he does so.

Four US federal law enforcement officials, who discussed the recent arrests with Reuters on condition of anonymity, said there had been no centralised effort to step up action against Russian cyber criminals under Trump.

The increase in the number of arrests stemmed from breakthroughs made in investigations before last year’s election, two of them said.

The FBI referred all questions to the US Justice Department. The Justice Department said it did not track arrests or indictments by nationality and declined further comment.

Russian Hackers Rattled

Some US officials, however, acknowledged that individual agents may now be more motivated to move against Russian cyber criminals following the election hacking scandal.

Russian hackers are active at all levels of cyber crime, from small-time thefts of online banking details, to taking down the computer networks of multi-national companies and government departments.

John Carlin, who until last October ran the national security division of the US Justice Department as assistant attorney general, said resources had already been moving towards pursuing Russian nationals before the 2016 election.

But he added: “Their outrageous activity to undermine the integrity of our election, like they did in western Europe before and have done since, can only have added fuel to the fire.”

According to interviews with five people who knew the men arrested this year, all of whom declined to be named for fear of prosecution, the arrests have shaken the Russian cyber-crime community.

“Now they are arresting even those who had a super indirect, not even direct connection to what they call influencing their election,” said one who knew Vinnik by his online moniker WME.

Used to operating across borders with relative impunity, Russian cyber criminals are now worried the prosecutions will lead to further arrests or harm their operations.

They are cutting back on trips abroad that were once seen as a calculated risk because of the risk of arrest and extradition, but are now viewed as increasingly foolhardy.

“We have monitored criminals discussing the aftermath (of the arrests) ... and it is clear they are concerned about two things,” said Ilya Sachkov, head of cyber security firm Group-IB, whose Threat Intelligence unit specialises in monitoring and tracking the Russian-speaking cyber-crime community.

"First, what the arrested members potentially know about them, but second and more importantly, a disruption in their ability to make money."

One of those arrested this year was Peter Levashov, charged by US prosecutors with operating one of the world's largest botnets, or networks, of infected computers used by cyber criminals. He denies the charges.

Levashov allegedly used the botnet to pump out spam emails for a multitude of criminal schemes, such as stock fraud, online credential phishing attempts and the distribution of malware, including ransomware.

A person who knew Levashov by his online identity Severa said his arrest in particular had rattled underground cyber-criminal circles because he was so well known.

"People read the news of course and see guys they know getting busted," the person said. "Once is bad, this many times is scary."

Reuters:

You Might Also Read:

Russian Arrested For $4billion Bitcoin Theft:

Putin Applauds Patriotic Russian Hackers:

Trump’s Joint Cybersecurity Unit With Russia – It’s Not Happening:

 

« Online Privacy Makes A GDPR Comeback
UK Deal With EU On Post-Brexit Data Sharing »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

GSMA - IoT Security Guidelines

GSMA - IoT Security Guidelines

GSMA has created a set of security guidelines for the benefit of service providers who are looking to develop new IoT products and services.

Experian

Experian

Experian provide software solutions to help organizations prevent identity fraud and crime.

Airbus Cybersecurity

Airbus Cybersecurity

Airbus CyberSecurity is a European specialist in cyber security. Our mission is to protect governments, military and critical national infrastructure enterprises from cyber threats.

NNIT

NNIT

NNIT​ is one of Denmark’s leading consultancies in IT development, implementation and operations, including cyber security.

European Recruitment

European Recruitment

European Recruitment is an award-winning, international recruitment agency specialising in niche technology areas including Cyber Security.

Slovak National Accreditation Service (SNAS)

Slovak National Accreditation Service (SNAS)

SNAS is the national accreditation body for Slovakia. The directory of members provides details of organisations offering certification services for ISO 27001.

Go Grow

Go Grow

Go Grow is a business oriented accelerator program at Copenhagen School of Entrepreneurship. Targeted technologies include IoT, AI and Cybersecurity.

NexGenT

NexGenT

NexGenT have combined military-style training with decades of network engineering and cyber security experience into an immersive program to get people into cyber security fast and effectively.

Cyturus Technologies

Cyturus Technologies

Cyturus Technologies delivers cybersecurity business risk quantification services using our proprietary Adaptive Risk Model (ARM).

Cyber Defense Technologies (CDT)

Cyber Defense Technologies (CDT)

Cyber Defense Technologies provides services and turn-key solutions to secure and maintain the integrity of your organization’s systems and data against attacks.

Kriptos

Kriptos

Kriptos helps businesses improve their cybersecurity, risk, and compliance strategies by locating critical information through a technology that automatically classifies and labels documents using AI.

Millennium Corporation

Millennium Corporation

For nearly two decades, Millennium Corporation has been operating on the leading edge of cybersecurity.

Zeron

Zeron

Zeron build bridges between security teams and top management. Our platform unifies your cyber risk posture seamlessly, encompassing threat insights and quantifiable risk scenarios.

Silence Laboratories

Silence Laboratories

Silence Laboratories is a cybersecurity company that focuses on the fusion of cryptography, sensing, and design to support a seamless authentication experience.

InfoTrust

InfoTrust

InfoTrust is a leading specialised cybersecurity practice that combines a customer-first consulting approach with next-generation security solutions.

CyberAntix

CyberAntix

CyberAntix offers Premium CyberSecurity for your business using an advanced Security Operations Centre technology and process platform reinforced by a steadfast and expert SOC team.