A Ukrainian nationwide has pleaded responsible within the U.S. to his function in two completely different malware schemes, Zeus and IcedID, between Might 2009 and February 2021.
Vyacheslav Igorevich Penchukov (aka Vyacheslav Igoravich Andreev, father, and tank), 37, was arrested by Swiss authorities in October 2022 and extradited to the U.S. final yr. He was added to the FBI’s most-wanted record in 2012.
The U.S. Division of Justice (DoJ) described Penchukov as a “chief of two prolific malware teams” that contaminated 1000’s of computer systems with malware, resulting in ransomware and the theft of thousands and thousands of {dollars}.
This included the Zeus banking trojan that facilitated the theft of checking account data, passwords, private identification numbers, and different particulars essential to login to on-line banking accounts.
Penchukov and his co-conspirators, as a part of the “wide-ranging racketeering enterprise” dubbed Jabber Zeus gang, then masqueraded as staff of the victims to provoke unauthorized fund transfers.
In addition they used people residing within the U.S. and different elements of the world as “cash mules” to obtain the wired funds, which have been in the end funneled to abroad accounts managed by Penchukov et al. A successor to Zeus was dismantled in 2014.
The defendant has additionally been accused of facilitating malicious exercise by serving to lead assaults involving the IcedID (aka BokBot) malware from not less than November 2018. The malware is able to appearing as an data stealer and a loader for different payloads, resembling ransomware.
In the end, as investigative journalist Brian Krebs reported again in 2022, he managed to evade prosecution by Ukrainian cybercrime investigators for a few years as a result of his political connections with former Ukrainian President Victor Yanukovych.
Following his arrest and extradition, Penchukov pleaded responsible to 1 depend of conspiracy to commit a racketeer-influenced and corrupt group (RICO) act offense for his management function within the Jabber Zeus group. He additionally pleaded responsible to 1 depend of conspiracy to commit wire fraud for his management function within the IcedID malware group.
Penchukov is scheduled to be sentenced on Might 9, 2024, and faces a most penalty of 20 years in jail for every depend.
The event comes because the DoJ introduced the extradition of a 28-year-old Ukrainian nationwide from the Netherlands in reference to fraud, cash laundering and aggravated id theft by allegedly working and promoting an data stealer referred to as Raccoon.
Mark Sokolovsky, who was arrested by Dutch authorities in March 2022, leased Raccoon to different cybercriminals on a malware-as-a-service (MaaS) mannequin for $200 a month. It first turned obtainable in April 2019.
“These people used varied ruses, resembling e-mail phishing, to put in the malware onto the computer systems of unsuspecting victims,” the DoJ stated.
“Raccoon infostealer then stole private knowledge from sufferer computer systems, together with login credentials, monetary data, and different private information. Stolen data was used to commit monetary crimes or was offered to others on cybercrime boards.”
At the very least 50 million distinctive credentials and types of identification have been harvested by the malware, in line with the U.S. Federal Bureau of Investigation (FBI) estimates.
Sokolovsky’s arrest was accompanied by a coordinated takedown of Raccoon’s digital infrastructure, however a new model of the stealer, referred to as RecordBreaker, has since emerged within the wild.
He has been charged with one depend of conspiracy to commit fraud and associated exercise in reference to computer systems, one depend of conspiracy to commit wire fraud, one depend of conspiracy to commit cash laundering, and one depend of aggravated id theft.