Men Convicted of Helping Create Ransomware Attacks

Their online encryption service allowed hackers to infect computer systems around the world from 2013 to 2017.

I Stock 1201405775

Two men from Estonia have been convicted of federal cybercrime charges involving ransomware and other attacks on computer systems around the globe.

Oleg Koshkin, 41, was convicted Tuesday by a jury in U.S. District Court in Hartford of conspiracy to commit computer fraud and abuse as well as aiding and abetting computer fraud and abuse.

His co-defendant, Pavel Tsurkan, 33, pleaded guilty Wednesday to aiding and abetting the unauthorized access to a protected computer.

Prosecutors said Koshkin, a Russian national who lived in Estonia, and Tsurken who lived in both Estonia and Thailand, operated an online encryption service known as Crypt4U, which helped conceal malware infections from antivirus software.

That technology allowed hackers to infect computer systems around the world between September 2013 and December 2017, including in Connecticut, prosecutors said.

Koshkin “designed and operated a service that was an essential tool for some of the world’s most destructive cybercriminals, including ransomware attackers,” Acting Assistant Attorney General Nicholas McQuaid of the Justice Department’s Criminal Division said in a statement. "The verdict should serve as a warning to those who provide infrastructure to cybercriminals: the Criminal Division and our law enforcement partners consider you to be just as culpable as the hackers whose crimes you enable — and we will work tirelessly to bring you to justice."

One of the men's clients was Peter Levashov, the operator of what became known as the Kelihos botnet, which gave him control over the computer networks he infiltrated, prosecutors said.

Levashov used Koshkin's technology to help him infect about 200,000 computers around the world before the Kelihos system was dismantled by the FBI, according to court documents.

He pleaded guilty in 2018 to charges including identity theft and causing intentional damage to a protected computer.

Koshkin, who has been in federal custody since his arrest in California in 2019, faces up to 15 years in prison at a sentencing scheduled for September 20. Tsurkan, who has been free on bond, faces up to nine years in prison when he is sentenced on September 27.

The FBI’s New Haven office investigated the case through its Connecticut Cyber Task Force.

More in IoT