Cnn
–
An undeveloped American federal accusation accused a Russian man of having directed a global cybercrime ring which caused hundreds of millions of dollars in damage to victims of the world.
The crime group a victim of victims of people in the United States and in various sectors of the economy, according to the indictment, from a dental cabinet in Los Angeles to a music company in Tennessee.
By announcing the accusations, the Ministry of Justice said that it worked to return to victims more than $ 24 million in cryptocurrency would have stolen by the Russian man and seized by the ministry.
This is the last episode of an American effort in the application of American laws to make more difficult for criminals based in Russia to extort and disturb the suppliers of critical infrastructure with ransomware attacks. The Ministry of Justice Wednesday said He had entered the computer systems behind another prolific hacking tool whose brain would also be based in Russia.
Russia and the United States do not have an extradition treaty, and the Kremlin is reluctant to pursue pirates on Russian soil as long as it does not attack Russian organizations, according to American officials.
The man accused Thursday, Rustam Rafailevich Gallyamov, a 48-year-old man based in Moscow, would have developed malicious software in 2008 which was used to infect hundreds of thousands of computers in the United States and in the world. Malware, called Qakbot, has been used to damage ransomware attacks on health agencies and government agencies around the world, prosecutors said.
According to the Ministry of Justice. For the Ransomware attack on the Tennessee music company, he received the equivalent of more than $ 300,000, according to the indictment.
CNN asked for comments from the Russian Embassy in Washington, DC, on the accusations.
The indictment provides A window on the resilient career path of an alleged cybercriminal. In 2023, the FBI and European law enforcement agencies dismantled a massive network of computers infected with Qakbot and seized millions of dollars belonging to the pirates.
Gallyamov responded to this bust by looking for other ways to put its malware available to cybercriminals leading to ransomware attacks, Akil Davis, deputy director of the FBI office of Los Angeles, said on Thursday in a statement. Gallyamov and Associates would have launched companies of “spam bombing”, or flooded their boxes of receipt of subscription to the newsletters, then supported to offer the problem, indicates the indictment.
The State Department in 2023 offered $ 10 million for information on people behind Qakbot. It is not known if confidential councils in the State Department led to the indictment of Gallyamov. In some cases, federal prosecutors are not part of an indictment when they do not know if an accused will travel outside a country that has no extradition treaty with the United States.
One of Gallyamov’s main customers was a ransomware gang known as Conti, which made at least 25 million dollars in a burst of attacks in 2021, according to the Crypto-Tracking Elliptic company. Ransomware gang used Gallyamov’s hacking tool during attacks on a Wisconsin manufacturing company and a Nebraska technological company in the fall of 2021, according to the accusation act.
The last mention of the ransomware gang continues in the indictment was at the end of January 2022. A month later, Russia launched its large -scale invasion of Ukraine and a Ukrainian and a Ukrainian has disclosed a data mine On Conti in revenge for its support for the Russian government, forcing the criminal network to reconstruct itself. But Gallyamov would have moved to other customers.