Russian Hackers Feel The Heat

When Alexander Vinnik was arrested on money-laundering charges at a Greek hotel in late July, the status of his Jabber secure online messaging account was set to “away”.

“He often takes some time to reply, so at first I didn’t think anything of it,” said one person who knew the Russian as an administrator of a digital currency exchange which US prosecutors say was used to launder criminal funds.

“Then when I saw his picture on the news, I knew he would be ’away’ for a long time,” said the person, who spoke on condition of anonymity.

The US Justice Department says Vinnik facilitated crimes including computer hacking, fraud and drug trafficking by laundering at least $4 billion through BTC-e, an exchange used to trade bitcoin and other digital currencies, since 2011.

The 37-year-old faces up to 55 years in prison if extradited to the United States. He denies the allegations against him, according to Greek media reports, and BTC-e has said he never worked for the exchange. Reuters was unable to reach BTC-e or a lawyer representing Vinnik for comment.

Vinnik is now one of seven Russians arrested or indicted on US cyber-crime charges this year. On average, just two Russian cyber criminals were extradited to the United States each year between 2010 and the start of this year, according to a Reuters review of US Justice Department filings, Russian government statements and sources briefed on the matter.

The increase to a record level shows that although President Donald Trump is trying to improve relations with Moscow, the United States has not shied away from pursuing Russians suspected of cyber-crime.

The prosecutions coincide with intensified scrutiny of Russian hackers since US intelligence officials determined that Russia interfered in the 2016 … presidential election using cyber warfare methods to help Trump.

The Kremlin has denied accusations it interfered in elections in the United States or elsewhere.

But US opposition lawmakers have questioned whether Trump is willing to respond forcefully to Moscow over its actions in cyberspace, and the White House has avoided publicly accusing Russia over recent politically-motivated hacking attacks.

Alarmed by Trump’s proposal to create a joint US-Russia cyber security unit, US lawmakers have also drawn up a draft bill that would require him to notify lawmakers before he does so.

Four US federal law enforcement officials, who discussed the recent arrests with Reuters on condition of anonymity, said there had been no centralised effort to step up action against Russian cyber criminals under Trump.

The increase in the number of arrests stemmed from breakthroughs made in investigations before last year’s election, two of them said.

The FBI referred all questions to the US Justice Department. The Justice Department said it did not track arrests or indictments by nationality and declined further comment.

Russian Hackers Rattled

Some US officials, however, acknowledged that individual agents may now be more motivated to move against Russian cyber criminals following the election hacking scandal.

Russian hackers are active at all levels of cyber crime, from small-time thefts of online banking details, to taking down the computer networks of multi-national companies and government departments.

John Carlin, who until last October ran the national security division of the US Justice Department as assistant attorney general, said resources had already been moving towards pursuing Russian nationals before the 2016 election.

But he added: “Their outrageous activity to undermine the integrity of our election, like they did in western Europe before and have done since, can only have added fuel to the fire.”

According to interviews with five people who knew the men arrested this year, all of whom declined to be named for fear of prosecution, the arrests have shaken the Russian cyber-crime community.

“Now they are arresting even those who had a super indirect, not even direct connection to what they call influencing their election,” said one who knew Vinnik by his online moniker WME.

Used to operating across borders with relative impunity, Russian cyber criminals are now worried the prosecutions will lead to further arrests or harm their operations.

They are cutting back on trips abroad that were once seen as a calculated risk because of the risk of arrest and extradition, but are now viewed as increasingly foolhardy.

“We have monitored criminals discussing the aftermath (of the arrests) ... and it is clear they are concerned about two things,” said Ilya Sachkov, head of cyber security firm Group-IB, whose Threat Intelligence unit specialises in monitoring and tracking the Russian-speaking cyber-crime community.

"First, what the arrested members potentially know about them, but second and more importantly, a disruption in their ability to make money."

One of those arrested this year was Peter Levashov, charged by US prosecutors with operating one of the world's largest botnets, or networks, of infected computers used by cyber criminals. He denies the charges.

Levashov allegedly used the botnet to pump out spam emails for a multitude of criminal schemes, such as stock fraud, online credential phishing attempts and the distribution of malware, including ransomware.

A person who knew Levashov by his online identity Severa said his arrest in particular had rattled underground cyber-criminal circles because he was so well known.

"People read the news of course and see guys they know getting busted," the person said. "Once is bad, this many times is scary."

Reuters:

You Might Also Read:

Russian Arrested For $4billion Bitcoin Theft:

Putin Applauds Patriotic Russian Hackers:

Trump’s Joint Cybersecurity Unit With Russia – It’s Not Happening:

 

« Online Privacy Makes A GDPR Comeback
UK Deal With EU On Post-Brexit Data Sharing »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Norton Rose Fulbright

Norton Rose Fulbright

Norton Rose Fulbright is a global business law firm. Practice areas include Data protection, Privacy and Cybersecurity.

Clearwater Security & Compliance

Clearwater Security & Compliance

Clearwater Compliance specialize in Privacy, Security, Compliance and Risk Management Solutions for Health Care, Law Firms and other businesses.

Combitech

Combitech

Combitech is the Nordic region’s leading cyber security consultancy firm, with about 260 certified security consultants helping companies and authorities prevent and manage cyber threats.

Me Learning

Me Learning

Me Learning provides engaging, informative and clearly explained learning materials for complex and challenging professional environments in areas including GDPR and Information Governance.

FRSecure

FRSecure

FRSecure is a full-service information security management company that protects sensitive, confidential business information from unauthorized access, disclosure, distribution and destruction.

Workz Group

Workz Group

Workz connects and protects mobile subscribers of today and tomorrow by providing secure removable or embedded SIMs and remote provisioning solutions for consumer, M2M and IOT devices.

Axonius

Axonius

Axonius is the only solution that offers a unified view of all assets and their coverage, empowering customers to take action to enforce their organization’s security policies.

BoldCloud

BoldCloud

BoldCloud's award winning Cybersecurity Advisory services and Layered Security approach adds new critical layers of protection for your data and your business.

AmWINS Group

AmWINS Group

AmWINS are a global specialty insurance distributor with expertise in property, casualty and professional lines including cyber liability.

SoloKeys

SoloKeys

SoloKeys provides the first open-source FIDO2 security key: Protect your online accounts against unauthorized access by using the most secure login method.

Telsy

Telsy

Telsy is a security partner for ICT solutions and services. We help you implement effective security solutions that increase your risk mitigation ability and your responsiveness.

MAUSHIELD

MAUSHIELD

MAUSHIELD is the national platform for sharing cyber threat information and intelligence that can help organisations to improve their cybersecurity posture, minimize risks and prevent cyber-attacks.

Contextal

Contextal

Contextal develops cutting-edge open-source cybersecurity solutions, designed to connect the dots and detect complex threats, which slip through the existing protections.

NoviFlow

NoviFlow

NoviFlow is a leading provider of terabit networking software solutions for Communication Service Providers (CSPs).

DACTA Global

DACTA Global

DACTA was established with the aim of simplifying the perception of complexity surrounding digital security challenges and solutions.

BlazeGuard

BlazeGuard

At BlazeGuard, we understand that navigating the complex world of cybersecurity can be challenging. That’s why we make it our mission to simplify the process for you.