A Belarussian and Ukrainian national has been charged in the Eastern District of Virginia and District of New Jersey with leading international computer hacking and wire fraud schemes.
Maksim Silnikau, also known as Maksym Silnikov, 38, made his initial appearance in Newark, N.J., on Aug. 12 after being extradited from Poland.
In court documents recently unsealed, Silnikov is accused of leading two multi-year cybercrime schemes.
In the Eastern District of Virginia, Silnikau is charged for his role as the creator and administrator of the Ransom Cartel ransomware strain and associated ransomware operations beginning in May 2021.
According to the indictment unsealed in the Eastern District of Virginia, Silnikau was the creator and administrator of the Ransom Cartel ransomware strain, created in 2021:
- Silnikau allegedly had been a member of Russian-speaking cybercrime forums since at least 2005 and was a member of the notorious cybercrime website Direct Connection from 2011 to 2016, when the site was shuttered after the arrest of its administrator.
- Beginning in May 2021, Silnikau allegedly developed a ransomware operation and began recruiting participants from cybercrime forums.
- On various occasions, Silnikau allegedly distributed information and tools to Ransom Cartel participants, including information about compromised computers, such as stolen credentials, and tools such as those designed to encrypt or “lock” compromised computers.
- Silnikau also allegedly established and maintained a hidden website where he and his co-conspirators could monitor and control ransomware attacks; communicate with each other; communicate with victims, including sending and negotiating payment demands; and manage distribution of funds between co-conspirators.
- On Nov. 16, 2021, Silnikau allegedly executed a ransomware attack on a company based in New York.
- On March 5, 2022, Ransom Cartel ransomware was deployed against a company based in California. The hackers removed confidential data without authorization and demanded a monetary payment to refrain from releasing the victim’s data.
In the Eastern District of Virginia, Silnikau is charged with conspiracy to commit computer fraud and abuse, conspiracy to commit wire fraud, conspiracy to commit access device fraud and two counts each of wire fraud and aggravated identity theft. He faces a mandatory minimum of two years in prison and a maximum penalty of 20 years in prison.
“This case reemphasizes the importance of both cybersecurity and our crucial law enforcement partnerships worldwide,” said U.S. Attorney Jessica D. Aber for the Eastern District of Virginia. “Online threats emerge within the digital ecosystem among those who exploit the very tools that help us connect and collaborate. In turn, we must maximize our investigative collaborations globally to address those threats. This investigation demonstrates the positive results of leveraging international partnerships to combat international crimes.”
The U.S. Secret Service is investigating the charges in the Eastern District of Virginia.
In the District of New Jersey, Silnikau, along with alleged co-conspirators Volodymyr Kadariya, a Belarussian and Ukrainian national, 38, and Andrei Tarasov, a Russian national, 33, is charged with cybercrime offenses associated with a scheme to transmit the Angler Exploit Kit, other malware and online scams to the computers of millions of unsuspecting Internet users through malicious online advertisements, known as malvertising, and other means from October 2013 through March 2022. Silnikau, Kadariya and Tarasov are charged in New Jersey with conspiracy to commit wire fraud, conspiracy to commit computer fraud and two counts of substantive wire fraud. If convicted, Silnikau, Kadariya and Tarasov face maximum penalties of 27 years in prison for wire fraud conspiracy, 10 years in prison for computer fraud conspiracy and 20 years in prison on each wire fraud count.