Office of Public Affairs Leader of International Malvertising and Ransomware Schemes Extradited from Poland to Face Cybercrime Charges United States Department of Justice
pAn official website of the United States governmentppHeres how you knowpp
Official websites use gov
A gov website belongs to an official government organization in the United States
pp
Secure gov websites use HTTPS
A lock
Lock
Locked padlock
or https means youve safely connected to the gov website Share sensitive information only on official secure websites
ppArchived NewsppPara Notícias en EspañolppWASHINGTON A Belarussian and Ukrainian dualnational charged in both the District of New Jersey and Eastern District of Virginia with leading international computer hacking and wire fraud schemes made his initial appearance in Newark New Jersey today after being extradited from PolandppAs alleged in court documents unsealed today Maksim Silnikau also known as Maksym Silnikov 38 led two multiyear cybercrime schemes At different points Silnikau has been associated with the online monikers JP Morgan xxx and lansky among othersppIn the District of New Jersey Silnikau along with alleged coconspirators Volodymyr Kadariya a Belarussian and Ukrainian national 38 and Andrei Tarasov a Russian national 33 are charged with cybercrime offenses associated with a scheme to transmit the Angler Exploit Kit other malware and online scams to the computers of millions of unsuspecting victim internet users through online advertisements socalled malvertising and other means from October 2013 through March 2022 In the Eastern District of Virginia Silnikau is charged for his role as the creator and administrator of the Ransom Cartel ransomware strain and associated ransomware operations beginning in May 2021ppToday the Justice Department takes another step forward in disrupting ransomware actors and malicious cybercriminals who prey on victims in the US and around the world said Deputy Attorney General Lisa Monaco As alleged for over a decade the defendant used a host of online disguises and a network of fraudulent ad campaigns to spread ransomware and scam US businesses and consumers Now thanks to the hard work of federal agents and prosecutors along with Polish law enforcement colleagues Maksim Silnikau must answer these grave charges in an American courtroom ppThis arrest underscores a longterm investigation by the US Secret Service in coordination with foreign domestic and private partners of cybercrime organizations that allegedly distributed the notorious Angler Exploit Kit conducted malvertising and operated the Ransom Cartel ransomware organization said Assistant Director of Investigations Brian Lambert of the US Secret Service Cybercriminals should know that even if they attempt to hide their criminal conduct behind the anonymity of the internet that eventually through the dedication of international law enforcement professionals they will be apprehended and held accountable for their actionsppSilnikau and his coconspirators allegedly used malware and various online scams to target millions of unsuspecting internet users in the United States and around the world said FBI Deputy Director Paul Abbate They hid behind online aliases and engaged in complex farreaching cyber fraud schemes to compromise victim devices and steal sensitive personal information The FBI will continue to work with partners to aggressively impose costs on cybercriminals and hold them accountable for their actionsppAs alleged in the indictment Silnikau and his coconspirators distributed online advertisements to millions of internet users for the purpose of delivering malicious content said Principal Deputy Assistant Attorney General Nicole M Argentieri head of the Justice Departments Criminal Division These ads appeared legitimate but were actually designed to deliver malware that would compromise users devices or to deliver scareware designed to trick users into providing their sensitive personal information Silnikaus arrest and extradition demonstrate that working with its domestic and international partners the Criminal Division is committed to bringing cybercriminals who target US victims to justice no matter where they are locatedppThese conspirators are alleged to have operated a multiyear scheme to distribute malware onto the computers of millions of unsuspecting internet users around the globe said US Attorney Philip R Sellinger for the District of New Jersey To carry out the scheme they used malicious advertising or malvertising to trick victims into clicking on legitimateseeming internet ads Instead the victims would be redirected to malicious internet sites that delivered malware to their devices giving the conspirators access to the victims personal information The conspirators then sold that access and information to other cybercriminals on the dark net Throughout the scheme the conspirators attempted to hide their identities from law enforcement including by using fraudulent aliases and online personasppThis case reemphasizes the importance of both cybersecurity and our crucial law enforcement partnerships worldwide said US Attorney Jessica D Aber for the Eastern District of Virginia Online threats emerge within the digital ecosystem among those who exploit the very tools that help us connect and collaborate In turn we must maximize our investigative collaborations globally to address those threats This investigation demonstrates the positive results of leveraging international partnerships to combat international crimesppThe FBI will continue to work alongside our partners both overseas and in the states to identify and dismantle cyber threats and to pursue those criminals who attempt to target and defraud victims in the United States said Special Agent in Charge Stephen Cyrus of the FBI Kansas City Field OfficeppDistrict of New Jersey IndictmentppAccording to the indictment unsealed in the District of New Jersey from October 2013 through March 2022 Silnikau Kadariya Tarasov and others in Ukraine and elsewhere used malvertising and other means to deliver malware scareware and online scams to millions of unsuspecting Internet users in the United States and elsewhere The malvertising campaigns were designed to appear legitimate but often redirected victim Internet users who viewed or accessed the advertisements to malicious sites and servers that sought to defraud the users or delivered malware to the users devices The conspirators scheme caused unsuspecting Internet users to be forcibly redirected to malicious content on millions of occasions and defrauded and attempted to defraud various USbased companies involved in the sale and distribution of legitimate online advertisementsppOne strain of malware that Silnikau and others allegedly took a leading role in disseminating was the Angler Exploit Kit which targeted webbased vulnerabilities in Internet browsers and associated plugins At times during the scheme the Angler Exploit Kit was a leading vehicle through which cybercriminals delivered malware onto compromised electronic devices The conspirators also allegedly enabled the delivery of scareware ads that displayed false messages claiming to have identified a virus or other issue with a victim Internet users device The messages then attempted to deceive the victim into buying or downloading dangerous software providing remote access to the device or disclosing personal identifying or financial informationppFor years the conspirators tricked advertising companies into delivering their malvertising campaigns by using dozens of online personas and fictitious entities to pose as legitimate advertising companies They also developed and used sophisticated technologies and computer code to refine their malvertisements malware and computer infrastructure so as to conceal the malicious nature of their advertising ppAs alleged Silnikau Kadariya Tarasov and conspirators used multiple strategies to profit from their widespread hacking and wire fraud scheme including by using accounts on predominantly Russian cybercrime forums to sell to cybercriminals access to the compromised devices of victim Internet users socalled loads or bots as well as information stolen from victims and recorded in logs such as banking information and login credentials to enable further efforts to defraud the victim Internet users or deliver additional malware to their devicesppEastern District of Virginia IndictmentppAccording to the indictment unsealed in the Eastern District of Virginia Silnikau was the creator and administrator of the Ransom Cartel ransomware strain created in 2021 Silnikau allegedly had been a member of Russianspeaking cybercrime forums since at least 2005 and was a member of the notorious cybercrime website Direct Connection from 2011 to 2016 when the site was shuttered after the arrest of its administratorppBeginning in May 2021 Silnikau allegedly developed a ransomware operation and began recruiting participants from cybercrime forums On various occasions Silnikau allegedly distributed information and tools to Ransom Cartel participants including information about compromised computers such as stolen credentials and tools such as those designed to encrypt or lock compromised computers Silnikau also allegedly established and maintained a hidden website where he and his coconspirators could monitor and control ransomware attacks communicate with each other communicate with victims including sending and negotiating payment demands and manage distribution of funds between coconspiratorsppOn Nov 16 2021 Silnikau allegedly executed a ransomware attack on a company based in New York and on March 5 2022 Ransom Cartel ransomware was deployed against a company based in California The hackers removed confidential data without authorization and demanded a monetary payment to refrain from releasing the victims datappIn the District of New Jersey Silnikau Kadariya and Tarasov are charged with conspiracy to commit wire fraud conspiracy to commit computer fraud and two counts of substantive wire fraud If convicted Silnikau Kadariya and Tarasov face maximum penalties of 27 years in prison for wire fraud conspiracy 10 years in prison for computer fraud conspiracy counts and 20 years in prison on each wire fraud countppIn the Eastern District of Virginia Silnikau is charged with conspiracy to commit computer fraud and abuse conspiracy to commit wire fraud conspiracy to commit access device fraud and two counts each of wire fraud and aggravated identity theft He faces a mandatory minimum of two years in prison and a maximum penalty of 20 years in prisonppThe US Department of State has also announced a reward of up to 25 million through its Transnational Organized Crime TOC Rewards Program for information that leads to the arrest or conviction of Kadariya Information that may be eligible for the reward can be submitted by email at MostWantedusssdhsgov ppThe US Secret Service and FBI Kansas City Field Office are investigating the case in the District of New Jersey and the US Secret Service is investigating the case in the Eastern District of Virginia The Department also appreciates the extensive cooperation and coordination by the United Kingdoms National Crime Agency and Crown Prosecution Service over the course of several years as well as significant support provided by the Security Service of Ukraine Cyber Department and Prosecutor Generals Office Guardia Civil of Spain Spanish Ministry of Justice and the Public Prosecutors Office at the Audiencia Nacional Policia Judiciaria of Portugal GermanyBundeskriminalamt BKA and Landeskriminalamt LKA Berlin and Polish authorities in particular assistance provided by Polands Central Cybercrime Bureau Border Guard Ministry of Justice and National Prosecutors OfficeppSenior Counsel Aarash A Haghighat Cyber Operations International Liaison Louisa K Becker and Trial Attorney Christen Gallagher of the Criminal Divisions Computer Crime and Intellectual Property Section CCIPS and Assistant US Attorney Samantha Fasanello Chief of the NarcoticsOCDETF Unit for the District of New Jersey are prosecuting Silnikau and his codefendants in the District of New Jersey Assistant US Attorneys Andrew M Trombly Chief of the General Crimes Unit for New Jersey and Christopher Oakley for the District of Kansas also provided substantial assistance to the New Jersey case Assistant US Attorneys Jonathan Keim and Zoe Bedell are prosecuting the case in the Eastern District of VirginiappThe Justice Departments Office of International Affairs also provided substantial assistance in the extradition of Silnikau and collection of evidenceppAn indictment is merely an allegation All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of lawppView the District of New Jersey indictment hereppView the Eastern District of Virginia indictment hereppA crucial element of the Justice Departments fight against white collar crime is transparency being clear about what we at the department are doing and why As someone whoppA US government employee working overseas was charged with unlawfully transmitting two highly sensitive classified documents last monthppFarhad Shakeri 51 of Iran Carlisle Rivera also known as Pop 49 of Brooklyn New York and Jonathon Loadholt 36 of Staten Island New York were charged today in appOffice of Public Affairs
US Department of Justice
950 Pennsylvania Avenue NW
Washington DC 20530ppOffice of Public Affairs Direct Line
2025142007ppDepartment of Justice Main Switchboard
2025142000ppSignup for Email Updates
Social MediappppHave a question about Government Servicesp
Official websites use gov
A gov website belongs to an official government organization in the United States
pp
Secure gov websites use HTTPS
A lock
Lock
Locked padlock
or https means youve safely connected to the gov website Share sensitive information only on official secure websites
ppArchived NewsppPara Notícias en EspañolppWASHINGTON A Belarussian and Ukrainian dualnational charged in both the District of New Jersey and Eastern District of Virginia with leading international computer hacking and wire fraud schemes made his initial appearance in Newark New Jersey today after being extradited from PolandppAs alleged in court documents unsealed today Maksim Silnikau also known as Maksym Silnikov 38 led two multiyear cybercrime schemes At different points Silnikau has been associated with the online monikers JP Morgan xxx and lansky among othersppIn the District of New Jersey Silnikau along with alleged coconspirators Volodymyr Kadariya a Belarussian and Ukrainian national 38 and Andrei Tarasov a Russian national 33 are charged with cybercrime offenses associated with a scheme to transmit the Angler Exploit Kit other malware and online scams to the computers of millions of unsuspecting victim internet users through online advertisements socalled malvertising and other means from October 2013 through March 2022 In the Eastern District of Virginia Silnikau is charged for his role as the creator and administrator of the Ransom Cartel ransomware strain and associated ransomware operations beginning in May 2021ppToday the Justice Department takes another step forward in disrupting ransomware actors and malicious cybercriminals who prey on victims in the US and around the world said Deputy Attorney General Lisa Monaco As alleged for over a decade the defendant used a host of online disguises and a network of fraudulent ad campaigns to spread ransomware and scam US businesses and consumers Now thanks to the hard work of federal agents and prosecutors along with Polish law enforcement colleagues Maksim Silnikau must answer these grave charges in an American courtroom ppThis arrest underscores a longterm investigation by the US Secret Service in coordination with foreign domestic and private partners of cybercrime organizations that allegedly distributed the notorious Angler Exploit Kit conducted malvertising and operated the Ransom Cartel ransomware organization said Assistant Director of Investigations Brian Lambert of the US Secret Service Cybercriminals should know that even if they attempt to hide their criminal conduct behind the anonymity of the internet that eventually through the dedication of international law enforcement professionals they will be apprehended and held accountable for their actionsppSilnikau and his coconspirators allegedly used malware and various online scams to target millions of unsuspecting internet users in the United States and around the world said FBI Deputy Director Paul Abbate They hid behind online aliases and engaged in complex farreaching cyber fraud schemes to compromise victim devices and steal sensitive personal information The FBI will continue to work with partners to aggressively impose costs on cybercriminals and hold them accountable for their actionsppAs alleged in the indictment Silnikau and his coconspirators distributed online advertisements to millions of internet users for the purpose of delivering malicious content said Principal Deputy Assistant Attorney General Nicole M Argentieri head of the Justice Departments Criminal Division These ads appeared legitimate but were actually designed to deliver malware that would compromise users devices or to deliver scareware designed to trick users into providing their sensitive personal information Silnikaus arrest and extradition demonstrate that working with its domestic and international partners the Criminal Division is committed to bringing cybercriminals who target US victims to justice no matter where they are locatedppThese conspirators are alleged to have operated a multiyear scheme to distribute malware onto the computers of millions of unsuspecting internet users around the globe said US Attorney Philip R Sellinger for the District of New Jersey To carry out the scheme they used malicious advertising or malvertising to trick victims into clicking on legitimateseeming internet ads Instead the victims would be redirected to malicious internet sites that delivered malware to their devices giving the conspirators access to the victims personal information The conspirators then sold that access and information to other cybercriminals on the dark net Throughout the scheme the conspirators attempted to hide their identities from law enforcement including by using fraudulent aliases and online personasppThis case reemphasizes the importance of both cybersecurity and our crucial law enforcement partnerships worldwide said US Attorney Jessica D Aber for the Eastern District of Virginia Online threats emerge within the digital ecosystem among those who exploit the very tools that help us connect and collaborate In turn we must maximize our investigative collaborations globally to address those threats This investigation demonstrates the positive results of leveraging international partnerships to combat international crimesppThe FBI will continue to work alongside our partners both overseas and in the states to identify and dismantle cyber threats and to pursue those criminals who attempt to target and defraud victims in the United States said Special Agent in Charge Stephen Cyrus of the FBI Kansas City Field OfficeppDistrict of New Jersey IndictmentppAccording to the indictment unsealed in the District of New Jersey from October 2013 through March 2022 Silnikau Kadariya Tarasov and others in Ukraine and elsewhere used malvertising and other means to deliver malware scareware and online scams to millions of unsuspecting Internet users in the United States and elsewhere The malvertising campaigns were designed to appear legitimate but often redirected victim Internet users who viewed or accessed the advertisements to malicious sites and servers that sought to defraud the users or delivered malware to the users devices The conspirators scheme caused unsuspecting Internet users to be forcibly redirected to malicious content on millions of occasions and defrauded and attempted to defraud various USbased companies involved in the sale and distribution of legitimate online advertisementsppOne strain of malware that Silnikau and others allegedly took a leading role in disseminating was the Angler Exploit Kit which targeted webbased vulnerabilities in Internet browsers and associated plugins At times during the scheme the Angler Exploit Kit was a leading vehicle through which cybercriminals delivered malware onto compromised electronic devices The conspirators also allegedly enabled the delivery of scareware ads that displayed false messages claiming to have identified a virus or other issue with a victim Internet users device The messages then attempted to deceive the victim into buying or downloading dangerous software providing remote access to the device or disclosing personal identifying or financial informationppFor years the conspirators tricked advertising companies into delivering their malvertising campaigns by using dozens of online personas and fictitious entities to pose as legitimate advertising companies They also developed and used sophisticated technologies and computer code to refine their malvertisements malware and computer infrastructure so as to conceal the malicious nature of their advertising ppAs alleged Silnikau Kadariya Tarasov and conspirators used multiple strategies to profit from their widespread hacking and wire fraud scheme including by using accounts on predominantly Russian cybercrime forums to sell to cybercriminals access to the compromised devices of victim Internet users socalled loads or bots as well as information stolen from victims and recorded in logs such as banking information and login credentials to enable further efforts to defraud the victim Internet users or deliver additional malware to their devicesppEastern District of Virginia IndictmentppAccording to the indictment unsealed in the Eastern District of Virginia Silnikau was the creator and administrator of the Ransom Cartel ransomware strain created in 2021 Silnikau allegedly had been a member of Russianspeaking cybercrime forums since at least 2005 and was a member of the notorious cybercrime website Direct Connection from 2011 to 2016 when the site was shuttered after the arrest of its administratorppBeginning in May 2021 Silnikau allegedly developed a ransomware operation and began recruiting participants from cybercrime forums On various occasions Silnikau allegedly distributed information and tools to Ransom Cartel participants including information about compromised computers such as stolen credentials and tools such as those designed to encrypt or lock compromised computers Silnikau also allegedly established and maintained a hidden website where he and his coconspirators could monitor and control ransomware attacks communicate with each other communicate with victims including sending and negotiating payment demands and manage distribution of funds between coconspiratorsppOn Nov 16 2021 Silnikau allegedly executed a ransomware attack on a company based in New York and on March 5 2022 Ransom Cartel ransomware was deployed against a company based in California The hackers removed confidential data without authorization and demanded a monetary payment to refrain from releasing the victims datappIn the District of New Jersey Silnikau Kadariya and Tarasov are charged with conspiracy to commit wire fraud conspiracy to commit computer fraud and two counts of substantive wire fraud If convicted Silnikau Kadariya and Tarasov face maximum penalties of 27 years in prison for wire fraud conspiracy 10 years in prison for computer fraud conspiracy counts and 20 years in prison on each wire fraud countppIn the Eastern District of Virginia Silnikau is charged with conspiracy to commit computer fraud and abuse conspiracy to commit wire fraud conspiracy to commit access device fraud and two counts each of wire fraud and aggravated identity theft He faces a mandatory minimum of two years in prison and a maximum penalty of 20 years in prisonppThe US Department of State has also announced a reward of up to 25 million through its Transnational Organized Crime TOC Rewards Program for information that leads to the arrest or conviction of Kadariya Information that may be eligible for the reward can be submitted by email at MostWantedusssdhsgov ppThe US Secret Service and FBI Kansas City Field Office are investigating the case in the District of New Jersey and the US Secret Service is investigating the case in the Eastern District of Virginia The Department also appreciates the extensive cooperation and coordination by the United Kingdoms National Crime Agency and Crown Prosecution Service over the course of several years as well as significant support provided by the Security Service of Ukraine Cyber Department and Prosecutor Generals Office Guardia Civil of Spain Spanish Ministry of Justice and the Public Prosecutors Office at the Audiencia Nacional Policia Judiciaria of Portugal GermanyBundeskriminalamt BKA and Landeskriminalamt LKA Berlin and Polish authorities in particular assistance provided by Polands Central Cybercrime Bureau Border Guard Ministry of Justice and National Prosecutors OfficeppSenior Counsel Aarash A Haghighat Cyber Operations International Liaison Louisa K Becker and Trial Attorney Christen Gallagher of the Criminal Divisions Computer Crime and Intellectual Property Section CCIPS and Assistant US Attorney Samantha Fasanello Chief of the NarcoticsOCDETF Unit for the District of New Jersey are prosecuting Silnikau and his codefendants in the District of New Jersey Assistant US Attorneys Andrew M Trombly Chief of the General Crimes Unit for New Jersey and Christopher Oakley for the District of Kansas also provided substantial assistance to the New Jersey case Assistant US Attorneys Jonathan Keim and Zoe Bedell are prosecuting the case in the Eastern District of VirginiappThe Justice Departments Office of International Affairs also provided substantial assistance in the extradition of Silnikau and collection of evidenceppAn indictment is merely an allegation All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of lawppView the District of New Jersey indictment hereppView the Eastern District of Virginia indictment hereppA crucial element of the Justice Departments fight against white collar crime is transparency being clear about what we at the department are doing and why As someone whoppA US government employee working overseas was charged with unlawfully transmitting two highly sensitive classified documents last monthppFarhad Shakeri 51 of Iran Carlisle Rivera also known as Pop 49 of Brooklyn New York and Jonathon Loadholt 36 of Staten Island New York were charged today in appOffice of Public Affairs
US Department of Justice
950 Pennsylvania Avenue NW
Washington DC 20530ppOffice of Public Affairs Direct Line
2025142007ppDepartment of Justice Main Switchboard
2025142000ppSignup for Email Updates
Social MediappppHave a question about Government Servicesp
