
Ransom Cartel, Reveton leader arrested, extradited to the US to face charges

The leader of the Ransom Cartel and Reveton ransomware operations has been arrested and extradited to the US.

Daniel Croft
Wed, 14 Aug 2024

Maksim Silnikau, a Belarusian-Ukrainian national who goes by the monikers “J.P. Morgan”, “lansky” and “xxx”, was arrested in Spain on 18 July as part of an international operation coordinated by the UK’s National Crime Agency (NCA). He was then extradited from Poland to the US to face his charges on 9 August.

Silnikau will face two indictments, one in the Eastern District of Virginia for the creation of Ransom Cartel, and one in the District of New Jersey for the malvertising operation.

“Today, the Justice Department takes another step forward in disrupting ransomware actors and malicious cyber criminals who prey on victims in the US and around the world,” said Deputy Attorney-General Lisa Monaco in a release by the US Justice Department.


“As alleged, for over a decade, the defendant used a host of online disguises and a network of fraudulent ad campaigns to spread ransomware and scam US businesses and consumers.

“Now, thanks to the hard work of federal agents and prosecutors, along with Polish law enforcement colleagues, Maksim Silnikau must answer these grave charges in an American courtroom.”

Two other individuals, Vladimir Kadariya from Belarus and Andrei Tarasov from Russia, will also face charges related to Silnikau’s cyber crime operations.

According to the NCA, Silnikau’s criminal activity was first detected in 2011 when he launched the first ransomware-as-a-service (RaaS) operation, Reveton.

“Victims of Reveton received messages purporting to be from law enforcement, with a notification that would lock their screen and system, accusing them of downloading illegal content such as child abuse material and copyrighted programmes,” said the NCA.

“Reveton could detect the use of a webcam and take an image of the user to accompany the notification with a demand for payment.

“Victims were then coerced into paying large fines through fear of imprisonment or to regain access to their devices.

“The scam resulted in approximately $400,000 being extorted from victims every month from 2012 to 2014.”

Ransom Cartel, Silnikau’s more recent RaaS operation, was launched in December 2021 and, like many modern ransomware operations, is known for its double extortion techniques.

Experts believe that there are connections between Ransom Cartel and the infamous REvil ransomware gang, citing technical and operational similarities.

Furthermore, Ransom Cartel appeared just a month prior to REvil ransomware being first dismantled by the Russian Federal Security Service in January 2022 and only a month after 14 of its alleged members were arrested in Russia.

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.
