US Unseals Charges Against Three Eastern Europeans Over Ransomware, Malvertising


A dual Belarusian and Ukrainian national was extradited from Poland to the US, where he faces charges related to his leading role in the distribution of malware, scams, and ransomware.

The man, Maksim Silnikau, also known as Maksym Silnikov, 38, was indicted in New Jersey for his multi-year involvement in malvertising schemes distributing the Angler exploit kit, malware, and other scams.

Additionally, Silnikau was charged in the Eastern District of Virginia for creating and managing the Ransom Cartel ransomware and associated operations.

According to the New Jersey indictment, between October 2013 and March 2022, Silnikau, alleged co-conspirators Volodymyr Kadariya, a Belarusian and Ukrainian national, 38, and Andrei Tarasov, a Russian national, 33, and others used malvertising to distribute malware, scareware, and other scams.

Silnikau and others allegedly led the distribution of Angler, an exploit kit that targeted web-based vulnerabilities in browsers and their plugins, and which was used by other cybercriminals to distribute various malware families.

Angler, which was at times the leading exploit kit, was developed and rented by the Lurk cybercrime gang, whose members were arrested in Russia in 2016. The exploit kit disappeared from the threat landscape shortly after the arrests.

Silnikau and his co-conspirators used tens of online personas and fictitious entities to trick advertising companies into delivering their malvertising campaigns that redirected victims to malicious sites and servers.

To profit from their schemes, the miscreants sold access to the compromised devices on Russian cybercrime forums. They also sold stolen information, such as banking details and login credentials.


Silnikau, Kadariya, and Tarasov were charged with wire fraud conspiracy, wire fraud, and computer fraud conspiracy, which carry maximum penalties of 27, 10, and 20 years in prison, respectively.

The indictment unsealed in the Eastern District of Virginia alleges that Silnikau developed the Ransom Cartel ransomware, which appeared in 2021, and which some cybersecurity firms linked to the REvil operation.

He allegedly recruited affiliates on cybercrime forums, provided them with information and tools, and set up and maintained a hidden website for controlling and monitoring ransomware attacks.

Silnikau was allegedly involved in a November 2021 ransomware attack targeting a New York company, and in a March 2022 assault on a company in California. The Ransom Cartel ransomware gang stole the victims’ data, in addition to encrypting it, and threatened to release it publicly unless a ransom was paid.

He was charged with computer fraud and abuse conspiracy, wire fraud conspiracy, access device fraud conspiracy, wire fraud, and aggravated identity theft, and faces up to 20 years in prison.
