Hacker sentenced after enabling ransomware attacks against United States organizations.
A Russian hacker has been sentenced in a United States federal court for helping cybercrime groups carry out ransomware attacks that targeted companies and organizations across the country. Federal officials announced that 26-year-old Aleksei Volkov received a prison sentence of 81 months after pleading guilty to multiple criminal charges connected to hacking operations that caused millions of dollars in losses. Authorities said the attacks affected numerous victims and disrupted business operations by locking organizations out of their own computer systems.
Court records describe the Russian hacker as an “initial access broker,” a role within cybercrime networks that focuses on breaking into computer systems and then selling that access to other criminals. Investigators said he searched for weaknesses in corporate networks, gained unauthorized entry, and passed that access to ransomware groups, including one known as Yanluowang. These groups then installed malicious software that encrypted files and prevented companies from accessing important data. Victims were told they had to pay large sums of money, often in cryptocurrency, to regain access and avoid having stolen information released publicly.
Federal prosecutors stated that the attacks resulted in more than $9 million in confirmed financial losses and more than $24 million in intended losses. Some organizations paid ransom demands in hopes of restoring operations, while others refused and later saw confidential information posted online. According to court filings, the defendant received a portion of ransom payments after successful attacks. He admitted involvement in hacking networks, stealing data, distributing ransomware, and participating in money laundering activities tied to the scheme.
The case involved cooperation between several international and domestic law enforcement agencies. Italian police arrested the Russian hacker in Rome before he was extradited to the United States to face charges filed in federal courts in Indiana and Pennsylvania. The cases were later combined, and he pleaded guilty to offenses including identity theft, trafficking in stolen access information, computer fraud conspiracy, and money laundering conspiracy. As part of the sentence, he must pay restitution totaling more than $9.1 million to victims and surrender equipment used during the crimes.
Investigators from the Federal Bureau of Investigation led the case, working alongside prosecutors from the Justice Department’s Computer Crime and Intellectual Property Section and multiple U.S. Attorney’s Offices. Officials said international cooperation played a major role in bringing the defendant into U.S. custody, highlighting how cybercrime investigations often cross national borders. Authorities emphasized that ransomware operations frequently rely on networks of specialized actors, each performing different roles such as gaining system access, deploying malware, or handling payments.
Federal officials continue to warn that ransomware remains one of the most serious cyber threats facing businesses, hospitals, schools, and government agencies. Attacks can halt operations, expose sensitive information, and create lasting financial damage. Law enforcement agencies say targeting individuals who supply access to criminal groups is an important step in slowing ransomware activity. Prosecutors noted that holding participants accountable, even when located overseas, sends a message that cybercrime can carry significant legal consequences.
The case reflects ongoing efforts by federal agencies to respond to evolving digital threats through coordinated investigations and international partnerships. Authorities said continued collaboration between governments and law enforcement organizations is necessary to identify cybercriminal networks, protect victims, and prevent future attacks. Officials added that businesses are encouraged to strengthen cybersecurity practices as ransomware groups continue to search for new vulnerabilities.
Sources:
Russian Access Broker Sentenced to 81 Months for Fueling US Ransomware Attacks
Join the conversation!