The U.S. Department of Justice announced wire and computer fraud charges against Russian initial access broker Evgeniy Doroshenko, also known as Flanker and FlankerWWH, for allegedly engaging in the sale of access to U.S. corporate networks in a Russian cybercrime forum between February 2019 and May 2024, BleepingComputer reports.
Aside from mentioning FlankerWWH's alleged sale of access to a New Jersey-based firm in January, the indictment also noted another operation by Doroshenko that involved the theft of data worth more than $5,000.
Access to the New Jersey company was discovered by BleepingComputer to have been sold at a starting price of $3,000 or a buy-now price of $6,000, while further analysis of the malicious activity revealed that FlankerWWH sought assistance in decoding NTLM hashes, omitting Excel spreadsheet passwords, and communicating with a keylogger developer after conducting network breaches through brute-force attacks against Remote Desktop Protocol services.
Doroshenko could be imprisoned for up to 20 years for wire fraud and five years for computer fraud, as well as fined $250,000 for each offense, should he be arrested and convicted for the charges.