
"Aleksei Olegovich Volkov, 25, worked as an initial access broker (IAB) and was tied to at least seven ransomware attacks on US organizations, all carried out by the Yanluowang crew. According to Volkov's indictment [PDF], the Russian provided IAB services to Yanluowang, in some cases charging $1,000 for access to business networks using employee credentials, and later took a chunk of the profits made from ransom payments."
"The indictment did not mention any other payments being made, with some victims telling officials that they either restored from backups or simply refused to negotiate with the criminals. Volkov, however, was ordered to pay a total of $9.1 million in restitution payments to six of the seven victims, which incurred varying costs as a result of the cyberattacks on their systems, which in some cases also included DDoS and data theft."
"The indictment claimed that, from one attack on a Philadelphia business, Volkov was compensated around five percent ($94,259) of the engineering company's $500,000 ransom payment. He also allegedly netted a roughly six percent cut from a $1 million ransom paid by a Michigan company, earning approximately $162,220 from the incident. The Michigan company that paid the $1 million ransom, negotiated down from an initial demand of $15 million, is owed the largest sum of the seven victims, more than $7.2 million."
Aleksei Olegovich Volkov, 25, served as an initial access broker tied to at least seven ransomware attacks on US organizations executed by the Yanluowang crew. He sold access to business networks using employee credentials, sometimes charging $1,000, and received portions of ransom payments as compensation. Payments included about $94,259 (roughly 5%) from a $500,000 ransom and approximately $162,220 (about 6%) from a $1 million ransom. Some victims restored from backups or refused to negotiate. Courts ordered Volkov to pay $9.1 million in restitution to six victims, with the Michigan victim owed over $7.2 million. Prosecutors cited chats with a co-conspirator between July 2021 and November 2022 about attacks and compensation.
Read at The Register