From Klopov to Belan – 10 most dangerous Russian hackers

On February 14, a jury in an American court found Russian businessman Vladislav Klyushin guilty of cybercrimes – he and his accomplices hacked into the country’s computer networks, obtained classified information, sold it and received tens of millions of dollars. This is not the first time that US justice has faced Russian hackers, but it may not always lead to jail. We talk about the 10 most famous and dangerous cybercriminals with Russian roots.

Dmitry Galushkevich

In 2007, all Estonians were suddenly unable to access the Internet: government websites, important state systems, banks, large banks and ATMs stopped working. This provoked panic and a wave of riots. The situation was aggravated by the decision of the country’s authorities in the same year to dismantle several Soviet monuments. The Estonian leadership naturally accused the Kremlin of revenge for the sculptures.

But the Kremlin, of course, had nothing to do with it. This is how the 20-year-old Russian hacker Dmitry Galushkevich, who lived in Estonia, expressed his civil position. When the authorities figured him out and arrested him, he did not deny his guilt. Galushkevich escaped prison, but in return he was ordered to pay a $1,500 fine.

Vladimir Levin

Back in 1994, Vladimir Levin, a computer scientist from St. Petersburg, was able to crack the security of the New York Citibank and transfer more than $12 million from his clients’ accounts to foreign accounts. Customer complaints grew and the FBI took over. Some of the transferred money was cashed in different countries, but most of the couriers were arrested while trying to get the money in hand.

Levin did not have a special education in the field of IT, and he went online from the premises of the Saturn SPb computer company – this allowed him to be identified, but not arrested. At that time, the criminal code knew nothing about computer crimes. Then the security forces from the United States and Russia decided to play a psychological game: after calls from arrested accomplices and threats from “brothers” allegedly related to the case, Levin panicked and left for the UK, presumably to visit his mother’s childhood friend. He was arrested immediately upon arrival at Stansted Airport, and then extradited to the United States, where Levin was sentenced to three years in prison.

In 2000, Levin, according to rumors, spoke with the investigator at the building of the Central Internal Affairs Directorate of St. Petersburg, and after that no one saw him. There is information that Levin lives abroad.

Vasily Gorshkov and Alexey Ivanov

By the beginning of the 2000s, there was a voluminous dossier on Chelyabinsk hackers – more than one computer network of American financial companies was hacked. Among their victims are the Seattle provider Speakeasy.net, CTF, the Los Angeles branch of the Korean bank Nara Bank, Western Union and the PayPal payment system. Gorshkov and Ivanov stole credit card data and used it to pay for computer components.

To catch them, the FBI resorted to a trick and created a front computer security company, Invita Security, in Seattle, which invited the Russians to the United States, ostensibly to hire them. In November 2000, both flew to the United States and met with employers, who turned out to be FBI agents. During the interview, Gorshkov revealed almost all of his crimes and demonstrated most of his skills. He did not know that all this was recorded on a video camera and prepared as the main argument for the court. Both Russians were arrested immediately after the meeting. Gorshkov remained in Seattle, while Ivanov was sent to Connecticut.

The continuation of their case was unprecedented, since there were consequences not only for the hackers, but also for FBI special agent Michael Schuler, who himself hacked into their computers in search of evidence of the Russians’ guilt. At least this was stated by the FSB of Russia in the Chelyabinsk region and Gorshkov’s lawyer. His client was sentenced in 2002 to three years in prison and a $690,000 fine. The following year, Ivanov received four years in prison. Neither his fine nor Schuler’s further fate was reported.

Evgeny Bogachev

Good luck has been with the Russian hacker with the corresponding nickname – “lucky12345” – for almost 15 years. Bogachev created a group of cybercriminals, which included Russians, Ukrainians and the British. Since 2009, they have been able to steal at least $100 million from American citizens and companies. The hackers spread their Zeus virus through phishing emails and spam. They sold Zeus to colleagues around the world, which increased the damage bill many times over.

In 2014, Dutch programmers were able to find a connection between the virus and a social media account owned by Bogachev. According to experts, a hacker of this magnitude simply could not “screw up” like that – most likely, he just wanted popularity. However, Bogachev was arrested in absentia in court and charged on several counts.

For the capture of Bogachev, the US authorities are ready to give $3 million, although since 2014 they themselves have known where he lives – in an elite apartment in Anapa with his wife, daughter and cat. In 2016, The New York wrote that almost nothing had changed in his life in two years, except that the hacker had a second child, and he began to vacation in Crimea.

Vladimir Drinkman

From 2005 to 2012, 160 million credit card details were sold on the black market and the databases of NASDAQ, Dow Jones, Heartland, Visa, 7-Eleven, Carrefour, JetBlue, Dexia Bank and other large companies were hacked. Behind this were the Russians Vladimir Drinkman, Dmitry Smilyanets, Alexander Kalinin, Roman Kotov and Ukrainian Mikhail Rytikov. In seven years, they managed to withdraw more than $300 million from 800,000 bank accounts.

Drinkman and Smilyanets were detained in the Netherlands in 2012 and then extradited to the United States. Drinkman, as the head of the group, received 12 years in prison in 2018, Smilyanets – 4 years and 3 months. Both pleaded guilty, but Smilyanets was released from the courtroom because he had served his sentence at the time of his arrest. Drinkman was released early in 2022.

The remaining hackers from the group are still wanted.

Alexey Belan

He was known on hacker forums under several aliases, including Magg, Quarker, and Mrmagister. Belan managed to write for the Russian magazine “Hacker” and trade in stolen passwords of ICQ users in 2007. Five years later, the hacker went on to more serious crimes.

In 2012, he attacked the servers of one of the Nevada companies, and the following year he hacked into the information system of the Scribd online document storage service. A year later, in 2014, Belan launched an attack on Yahoo, which lasted about two years – this is one of the largest known hacks of corporate systems in history. The hack affected more than 500 million accounts. US authorities suspect Belan was assisted by two FSB officers.

After that, the US asked Interpol for the arrest of Belan. Greece attempted to do so, but Belan was able to escape. According to Malcolm Palmore, an assistant to the FBI special agent investigating, the Greeks released the Russian on bail, “unfounded, it seems to us.”

The FBI does not rule out that Belan could have been recruited by the FSB. The hacker, like the officers, apparently may be in Russia.

Roman Seleznev

The son of LDPR deputy Valery Seleznev chose carding as his life path – the investigation linked him with the creation of one of the largest sites for the sale of data from credit cards. The U.S. Attorney’s Office claimed that he not only sold information from cards, but was also a businessman “whose innovations transformed the carding industry”: Seleznev created two automated points of sale for credit card details, through which it was easy to find and buy the necessary information. Prosecutors likened the ease of buying and selling through them to buying a book on Amazon.

The developments of Seleznev and his accomplices brought enormous losses to US financial companies and credit card holders, exceeding $1.2 billion. US intelligence agencies hunted the Russian for 10 years and were able to detain him in 2014 in the Maldives. Three years later, in April 2017, he was sentenced to 27 years in prison, although Seleznev tried to repent by writing a touching letter. In it, he spoke about a difficult childhood in Vladivostok, an alcoholic mother and a constant lack of money. But this did not affect the verdict.

In the first months of his imprisonment, Seleznev did not waste time – he managed to defend his diploma with honors as an assistant legal adviser in criminal law, learned English and attended 15 Bible interpretation courses.

He was going to continue his studies to receive a bachelor’s degree in business management, but before that he decided to admit to participating in a hacker attack on the RBS Worldpay processor in 2008. Then they managed to earn $9 million, and Seleznev’s share was $2 million. For this, he was sentenced to 13 years in prison. The terms were announced in different states – Georgia and Nevada, so they are not summed up, and the sentences are served in parallel.

Igor Klopov

The year of his first step towards crime is unknown, but the simplicity of the approach is impressive: Klopov was guided by the list of 400 richest Americans according to Forbes. Of these, he selected the millionaires of Texas and California – information about them was available on the Web. We are talking about driver’s license numbers, birth certificate details, samples of paid bills, bank statements and blank checkbooks. Further, the hacker found his “colleagues” in the United States and promised them a large reward for their assistance. They managed to steal $1.5 million from the accounts of businessmen.

Everything was fine until the decision was made on the “theft of the century” – an attempt in 2006 to rob Charles Wiley, a sponsor of the George W. Bush campaign. The hacker called the Texas branch of JP Morgan Chase & Co. and, posing as Wiley, asked for a new checkbook to be sent to an address in Houston, Texas. The address, by the way, belonged to one of Klopov’s accomplices. He forwarded the document to another accomplice in Michigan. Then Klopov wrote out a check for $7 million and wanted to buy gold with it. To do this, the hacker turned to a trader in Westchester County (New York). The trader decided to play it safe and called the bank to verify the authenticity of the checkbook. Bank officials contacted Wiley, who knew nothing of such a transaction.

In 2007, Klopov came to New York to take $7 million worth of gold, but the authorities were already waiting for him. In the same year, the hacker was given 3.5 years in prison. In the last word, addressing the judge, he said: “I assure you that I will improve.” To which the judge replied, “I hope you sincerely wish it.”

The judge’s hopes came true: after his release, Klopov recruited a team and founded Cybertek, a cybersecurity company in the United States.

Denis Stepanov, Alexander Petrov and Ivan Maksakov

From 2003 until the spring of 2004, nine bookmakers and casinos in the UK and Ireland received emails that read, “We are currently attacking your site. If you don’t want your company to go bankrupt, pay $40,000.” After the attack began, the server could not stand it and the offices practically stopped working, losing income. After the demonstrative hacker performance, a new letter arrived demanding to transfer money via Western Union to accounts in Riga.

The scheme is as old as the world, but this did not stop three Russian hackers from successfully using it. The bots that “blocked” servers were written in 2003 by a student of the Balakovo Institute of Engineering, Technology and Management, 22-year-old Ivan Maksakov. The DDoS attacks were controlled by Alexander Petrov, a 24-year-old graduate of the Astrakhan Academy of Law, while Denis Stepanov, 25, from St. Petersburg, prepared them.

The hackers managed to collect more than $4 million from the affected offices. After the British authorities were able to find three accomplices, the ambassador of the United Kingdom hastily turned to the Russian Ministry of Internal Affairs. The police found providers through which the hackers accessed the Internet. In autumn 2004, Maksakov and Stepanov were detained, and six months later, Petrov as well.

All three denied their guilt and only admitted that they had some “malicious” programs at home, which they exchanged out of curiosity with acquaintances, but did not extort money from anyone. The Balakovo City Court (Saratov Region) did not believe the hackers and sentenced each of them to eight years in a strict regime colony and a $100,000 fine.