Yanluowang ransomware gang’s IAB admits guilt

CyberScoop reports that Russian national Aleksei Olegovich Volkov, an initial access broker for the Yanluowang ransomware group, has entered a guilty plea over his role in compromising seven organizations across the U.S. between July 2021 and November 2022.

After identifying organizations to be targeted and abusing system vulnerabilities, Volkov, also known as chubaka.kor, proceeded to provide access to co-conspirators, who were then able to demand ransoms totaling $24 million from all of the victims, according to prosecutors.

Volkov, who was extradited to the U.S. after being apprehended in Rome in January 2024, admitted guilt to half a dozen charges, including access device fraud, unlawful transfer of a means of identification, trafficking in access information, aggravated identity theft, conspiracy to commit money laundering, and conspiracy to commit computer fraud, which could lead to up to 53 years of imprisonment.

Moreover, almost $9.2 million in restitution has been ordered to be paid to the affected organizations as part of Volkov's plea deal.