The US State Department is offering a reward of up to $2.5 million for information leading to the arrest or conviction of Belarusian citizen Volodymyr Kadariya, who is suspected of involvement in a “significant malware organization”.
Kadariya, 38, also known by the aliases “Stalin,” “Eseb” and “baxus,” is alleged to have used online advertisements to deliver the Angler Exploit Kit and other malware to the computers of “millions of unsuspecting victims” from October 2013 to March 2022.
At the time, the Angler exploit kit was “a leading means by which cybercriminals delivered malware to infected electronic devices,” the U.S. State Department said in a statement on Monday. At its peak, Angler accounted for 40% of all exploit kit infections, targeted around 100,000 devices and generated an estimated annual revenue of around $34 million, according to the UK's National Crime Agency (NCA).
Kadariya was charged with financial and computer fraud in June. The malvertising campaigns he was involved in were designed to appear legitimate, but often redirected victims to malicious websites designed to defraud them or infect their devices with malware.
For example, some of the ads attempted to deceive victims into purchasing or downloading dangerous software, granting remote access to their devices, or disclosing personal identification or financial information.
According to the indictment, Kadariya and his accomplices profited from selling access to compromised devices on Russian cybercrime forums, as well as information stolen from victims and recorded in “logs,” such as banking details and login credentials.
In early August, Kadariya's co-conspirator, Belarusian-Ukrainian citizen Maksim Silnikau, was arrested and extradited to the United States. He led two multi-year cybercrime schemes and developed the first ransomware-as-a-service business model – a product called Reveton – that allowed low-skilled criminals to launch ransomware attacks for money.
Silnikau is also believed to be behind the Angler Exploit Kit. If convicted, Silnikau, Kadariya and their third partner, Andrei Tarasov, face maximum sentences of 27 years in prison for conspiracy to commit wire fraud, 10 years for conspiracy to commit computer fraud and 20 years in prison for each count of wire fraud.