A Ukrainian national was sentenced in a US federal court in Nebraska last week for his role in the Zeus and IcedID malware operations.
The man, Vyacheslav Igorevich Penchukov, 37, who pleaded guilty in February 2024, was sentenced on Thursday to nine years in prison and three years of supervised release, and was ordered to pay more than $70 million in restitution and forfeiture funds.
Penchukov, also known as Vyacheslav Igoravich Andreev and Tank, was arrested in Switzerland in 2022 and extradited to the US in 2023. He was originally indicted in 2014 and had been on the FBI’s Cyber Most Wanted list for over a decade.
According to court documents, Penchukov had been involved in the Zeus operation since 2009, and in the IcedID (aka Bokbot) malware operation between November 2018 and February 2021.
The defendant and co-conspirators infected thousands of business computers with the Zeus malware to steal bank account details, passwords, and other information providing access to online banking accounts.
The Zeus trojan is estimated to have infected millions of devices worldwide, causing losses of more than $100 million.
The cybercriminals made unauthorized transfers from the victims’ accounts, and money mules were then used to withdraw the funds and wire them to accounts controlled by the miscreants.
The Zeus trojan and botnets of infected devices were targeted by takedown operations in 2010 and 2012, but numerous variants continued to be distributed for years.
IcedID was used not only to steal victims’ banking information, but also to distribute other malware families, such as ransomware. In one incident, court documents show, ransomware distributed using IcedID caused over $30 million in losses to the University of Vermont Medical Center.
Initially observed in 2017, the IcedID operation was disrupted by law enforcement in May 2024, as part of Operation Endgame, which targeted multiple malware droppers.