US offers $2.5 million reward for information on Belarusian hacker
The U.S. Department of State is offering a reward of up to $2.5 million for information leading to the arrest or conviction of Belarusian national Volodymyr Kadariya, who is suspected of involvement in a “significant malware organization.”
Kadariya, 38, also known by his aliases “Stalin,” “Eseb” and “baxus,” allegedly transmitted the Angler Exploit Kit and other malware to the computers “of millions of unsuspecting victims” using online advertisements from October 2013 through March 2022.
At that time, the Angler Exploit Kit “was a leading vehicle through which cybercriminals delivered malware onto compromised electronic devices,” the U.S. Department of State said in a statement on Monday. At its peak, Angler represented 40% of all exploit kit infections, targeting around 100,000 devices and generating an estimated annual turnover of around $34 million, according to the British National Crime Agency (NCA).
Kadariya was indicted in June and charged with financial and computer fraud. The malvertising campaigns he was involved in were designed to appear legitimate but often redirected victims to malicious websites designed to defraud them or infect their devices with malware.
Some of the ads, for example, attempted to deceive victims into buying or downloading dangerous software, providing remote access to their devices, or disclosing personal identifying or financial information.
According to the indictment, Kadariya and his associates profited by selling access to compromised devices on Russian cybercrime forums, as well as information stolen from victims and recorded in “logs,” such as banking information and login credentials.
Earlier in August, Kadariya’s co-conspirator, Belarusian-Ukrainian national Maksim Silnikau, was arrested and extradited to the U.S. He led two multi-year cybercrime schemes and created the first-ever ransomware-as-a-service business model — a product called Reveton — which allowed low-skilled criminals to launch ransomware attacks for a fee.
Silnikau was also allegedly behind the Angler Exploit Kit. If convicted, Silnikau, Kadariya and their third partner, Andrei Tarasov, could face maximum sentences of 27 years in prison for wire fraud conspiracy, 10 years for computer fraud conspiracy and 20 years in prison on each wire fraud count.
Daryna Antoniuk
is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.