Dallas

Russian National Aleksandr Ryzhenkov Indicted in Texas for Ransomware Attacks, U.S. Treasury Sanctions Follow

AI Assisted Icon
Published on October 02, 2024
Russian National Aleksandr Ryzhenkov Indicted in Texas for Ransomware Attacks, U.S. Treasury Sanctions FollowSource: Google Street View

The Department of Justice recently unsealed an indictment against Russian national Aleksandr Viktorovich Ryzhenkov, accused of conducting multiple ransomware attacks throughout the United States, including several victims in Texas. The indictment alleges that Ryzhenkov, beginning in June 2017, and his conspirators gained unauthorized access to victim companies' computer networks, deploying a strain of ransomware, BitPaymer, to encrypt files and demand ransom for their release, as per the U.S. Attorney's Office for the Northern District of Texas.

Ryzhenkov is believed to currently be in Russia, and despite not being in US custody, his alleged online misconduct has led to severe repercussions. According to the indictment, the attackers utilized phishing campaigns, and malware, and exploited vulnerabilities to intrude and encrypt the data, then proceeded to, arguably, demand millions in ransom payments. They left electronic notes on the victims' systems with instructions on how to contact the attackers to begin the negotiation process for a decryption key.

Simultaneous with the charges, the U.S. Treasury Department's Office of Foreign Assets Control added Ryzhenkov to its list of specially designated nationals, effectively freezing his assets within the U.S. and barring businesses and financial institutions from engaging in transactions with him. As cited by the U.S. Department of Justice, Deputy Attorney General Lisa Monaco stressed the department's commitment to using "all the tools at its disposal to attack the ransomware threat from every angle."

The case is being investigated by the FBI Dallas Field Office, with prosecution led by Trial Attorney Debra L. Ireland of the Criminal Division's Computer Crime and Intellectual Property Section and Assistant U.S. Attorney Vincent J. Mazzurco for the Northern District of Texas. The authorities have encouraged victims of ransomware to contact their local FBI field office and have provided resources at StopRansomware.gov for additional information. It is important to note that an indictment is merely an accusation; defendants are presumed innocent until proven guilty in a court of law, according to U.S. legal standards.