Ukrainian Sentenced to Prison in US for Role in Zeus, IcedID Malware Operations

A Ukrainian national was sentenced in a US federal court in Nebraska last week for his role in the Zeus and IcedID malware operations.

The man, Vyacheslav Igorevich Penchukov, 37, who pleaded guilty in February 2024, was sentenced on Thursday to nine years in prison and three years of supervised release, and was ordered to pay more than $70 million in restitution and forfeiture funds.

Penchukov, also known as Vyacheslav Igoravich Andreev and Tank, was arrested in Switzerland in 2022 and extradited to the US in 2023. He was originally indicted in 2014 and had been on the FBI’s Cyber Most Wanted list for over a decade.

According to court documents, Penchukov had been involved in the Zeus operation since 2009, and in the IcedID (aka Bokbot) malware operation between November 2018 and February 2021.

The defendant and co-conspirators infected thousands of business computers with the Zeus malware to steal bank account details, passwords, and other information providing access to online banking accounts. 

The Zeus trojan is estimated to have infected millions of devices worldwide, causing losses of more than $100 million.

The cybercriminals made unauthorized transfers from the victims’ accounts, and money mules were then used to withdraw the funds and wire them to accounts controlled by the miscreants.

The Zeus trojan and botnets of infected devices were targeted by takedown operations in 2010 and 2012, but numerous variants continued to be distributed for years.

IcedID was used not only to steal victims’ banking information but also to distribute other malware families, such as ransomware. In one incident, court documents show, ransomware distributed using IcedID caused over $30 million in losses to the University of Vermont Medical Center.

Initially observed in 2017, the IcedID operation was disrupted by law enforcement in May 2024, as part of Operation Endgame, which targeted multiple malware droppers.
