The United States Department of Justice (DOJ) today unsealed an indictment against Russian national Aleksandr Viktorovich Ryzhenkov, charging him with a series of ransomware attacks that targeted multiple victims across the U.S., particularly in Texas.
Ryzhenkov, operating out of Russia, allegedly deployed the BitPaymer ransomware variant to infiltrate the computer networks of U.S. businesses, encrypting sensitive data and demanding ransom for its release.
The indictment, which spans criminal activities beginning in June 2017, details how Ryzhenkov and his co-conspirators gained unauthorized access to corporate networks using various methods, including phishing campaigns, malware, and exploiting software vulnerabilities.
Once inside the networks, the attackers deployed ransomware that rendered crucial files inaccessible.
Victims were left with ransom notes instructing them on how to negotiate with the attackers for the return of their data. In many cases, Ryzhenkov and his group demanded millions of dollars in exchange for a decryption key and the assurance that sensitive information would not be leaked online.