FBI Captures Cyber Kingpin Who Scammed Millions of Americans
The alleged leader of a global ransomware scam has been extradited from Poland to face charges in the U.S. that he defrauded millions of Americans.
The U.S. Secret Service detained Maksim Silnikau, a dual Belarusian and Ukrainian citizen who was formally indicted in both New Jersey and Virginia for computer hacking and wire fraud schemes, according to court documents unsealed on August 13. Silnikau, 38, has been associated with the online monikers “J.P. Morgan”, “xxx” and “lansky”.
Deputy Attorney General Lisa Monaco said: “For over a decade, the defendant used a host of online disguises and a network of fraudulent ad campaigns to spread ransomware and scam U.S. businesses and consumers.”
She added: “The Justice Department takes another step forward in disrupting ransomware actors and malicious cybercriminals who prey on victims in the U.S. and around the world.”
The arrest is part of a long-term investigation by the U.S. Secret Service with the help of foreign, domestic and private partners, according to Brian Lambert, the assistant director of investigations with the Secret Service.
“Cybercriminals should know that even if they attempt to hide their criminal conduct behind the anonymity of the internet that eventually, through the dedication of international law enforcement professionals, they will be apprehended and held accountable for their actions,” Lambert said.
In New Jersey, Silnikau is charged along with his alleged co-conspirators Volodymyr Kadari, of Belarus and Ukraine, and Andrei Tarasov, of Russia. The District of New Jersey charged the three with cybercrime offenses in association with a scheme to transmit the Angler Exploit Kit and other malware.
They face maximum penalties of 27 years in prison for wire fraud conspiracy, 10 years in prison for computer fraud conspiracy and 20 years on each wire fraud count.
The Angler Exploit Kit enabled the delivery of “scareware” ads that displayed fake messages claiming to have identified a virus or other issues with the victim’s device. The messages then tried to deceive the victim into buying or downloading software, providing remote access and disclosing personal identifying or financial information.
The court claims the three worked to scam “millions of unsuspecting victims” through online advertisements, or “malvertising,” between October 2013 and March 2022.
The ads “appeared legitimate but were actually designed to deliver malware,” according to Nicole Argentieri, the principal deputy assistant attorney general of the Justice Department’s criminal division. The malware would compromise devices and retrieve personal information.
“The conspirators’ scheme caused unsuspecting Internet users to be forcibly redirected to malicious content on millions of occasions, and defrauded and attempted to defraud various U.S.-based companies involved in the sale and distribution of legitimate online advertisements,” according to the Secret Service.
The three were able to “trick” advertising companies into delivering their malvertising campaigns by using dozens of online personas to pose as legitimate advertising companies. They also developed and used technologies and code to refine their malware and conceal its malicious nature behind the advertising.
U.S. attorney Philip Sellinger said Silnikau and his co-conspirators would sell the information to other cybercriminals “on the dark net.”
In Virginia, Silnikau is charged for his role as the creator and administrator of the Ransom Cartel ransomware strain that started operating in May 2021. If convicted, he faces a mandatory minimum of two years in prison and a maximum penalty of 20 years.
Silnikau has allegedly been a member of Russian-speaking cybercrime forums since at least 2005. He was also said to be a member of the cybercrime website Direct Connection from 2011 to 2016.
In 2021, it is alleged that he developed his own ransomware operation and recruited people from the cybercrime forums. On Nov. 16, 2021, Silnikau allegedly executed a ransomware attack on a company based in New York. Four months later, Ransom Cartel was deployed again in California.
“Silnikau and his co-conspirators allegedly used malware and various online scams to target millions of unsuspecting internet users in the United States and around the world,” said FBI Deputy Director Paul Abbate.
“They hid behind online aliases and engaged in complex, far-reaching cyber fraud schemes to compromise victim devices and steal sensitive personal information. The FBI will continue to work with partners to aggressively impose costs on cybercriminals and hold them accountable for their actions.”