The UK’s National Crime Agency, together with US authorities, has carried out the arrest and extradition of a Belarusian-Ukrainian hacker, the creator and administrator of the Ransom Cartel and Reveton ransomware and the Angler exploit kit.
38-year-old Maxim Silnikov, also known as J.P. Morgan, xxx and lansky, was detained in Spain in July and extradited to Poland, from where he was extradited to the United States on August 9, 2024. He was charged with organizing fraudulent schemes and carrying out major computer hacks. If found guilty on all counts, he may be imprisoned for 50 years.
Charges have also been brought against Vladimir Kadaria, a 38-year-old citizen of Belarus and Ukraine, and Andrei Tarasov, a 33-year-old Russian.
An international operation coordinated by the NCA has resulted in the arrest and extradition of a man believed to be one of the world’s most prolific Russian-speaking cybercrime actors.
— National Crime Agency (NCA) (@NCA_UK) August 13, 2024
According to operational information, Silnikov, together with other criminals, created ransomware such as Reveton and Ransom Cartel, as well as the Angler exploit kit. Reveton emerged in 2011 and is considered “the first ransomware-as-a-service.”
“The J.P. Morgan network also developed and distributed several exploit kits, including the infamous Angler Exploit Kit, which they used to run ‘malvertising’ campaigns,” the NCA said.
The group used online advertising and internet browser vulnerabilities to deliver malicious content. Victims of the Reveton ransomware received messages, purportedly from law enforcement agencies, accusing them of downloading child abuse material or copyrighted programs. People paid the scammers out of fear of jail and to regain access to their locked devices.
As a result, from 2012 to 2014 alone, the cybercriminals received about $400,000 per month, and the annual profit from Angler was $34 million. It is estimated that up to 100,000 devices were locked.
The attackers also accessed victims’ personal information and then sold it on the darknet.