Russian Hacker Sentenced to 81 Months for Facilitating Ransomware Attacks

Russian Hacker Sentenced to 81 Months for Facilitating Ransomware Attacks

In a significant development in the fight against cybercrime, Russian national Aleksei Volkov, 26, has been sentenced to 81 months in U.S. federal prison for his role in facilitating ransomware attacks that resulted in over $9 million in actual losses and $24 million in intended damages. Volkov operated as an initial access broker, providing unauthorized access to business networks to cybercriminal groups, including the notorious Yanluowang ransomware gang.

Role as an Initial Access Broker

Between July 2021 and November 2022, Volkov, known online as "chubaka.kor," infiltrated computer networks and sold access to these systems for up to $1,000 per instance. His services enabled ransomware groups to deploy malicious software, encrypting victims' data and demanding substantial ransoms. In some cases, Volkov received a percentage of the ransom payments, earning over $256,000 from just two victims who collectively paid around $1.5 million to regain access to their systems.

Impact on U.S. Organizations

Volkov's activities had a widespread impact, targeting various sectors across the United States. Victims included banks, telecommunications companies, and engineering firms in states such as Pennsylvania, California, Michigan, Illinois, Georgia, and Ohio. The Yanluowang ransomware group, active until late 2022, demanded ransoms ranging from $300,000 to $15 million, threatening to leak stolen data if payments were not made.

Arrest and Legal Proceedings

Following an extensive investigation by the FBI, Volkov was apprehended in Rome in January 2024 and subsequently extradited to the United States. In November 2025, he pleaded guilty to multiple charges, including identity theft, fraud, and conspiracy to commit money laundering. As part of his sentencing, Volkov agreed to pay over $9 million in restitution to his victims and forfeit the tools used in his cybercriminal activities.

Broader Implications

This case underscores the critical role that initial access brokers play in the ransomware ecosystem. By infiltrating networks and selling access, individuals like Volkov enable ransomware groups to execute attacks more efficiently, amplifying the threat to organizations worldwide. The sentencing serves as a stark reminder of the severe consequences awaiting those who engage in such cybercriminal activities.

For more detailed information on this case, refer to the original report by ITPro: Russian sentenced to jail for his part in ransomware attacks.