U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage

A 26-year-old Russian citizen has been sentenced in the U.S. to 6.75 years (81 months) in prison for his role in assisting major cybercrime groups, including the Yanluowang ransomware crew, in conducting numerous attacks against U.S. companies and other organizations.

According to the U.S. Department of Justice (DoJ), Aleksei Olegovich Volkov facilitated dozens of ransomware attacks across the U.S., causing more than $9 million in actual losses and over $24 million in intended losses. Volkov was arrested on January 18, 2024, in Italy and extradited to the U.S. to face charges. He pleaded guilty to the crimes in November 2025.

Volkov is said to have served as an initial access broker responsible for obtaining unauthorized access to computer networks and systems belonging to various organizations and selling that access to other criminal groups, including ransomware actors. This was accomplished by exploiting vulnerabilities or finding ways to access the networks without authorization.

✔ Approved Seller From Our Partners

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount

“Volkov’s co-conspirators then used the access Volkov provided to infect the affected computer networks and systems with malware,” the DoJ said. “This malware encrypted the victims’ data and prevented the victims from accessing it, damaging their business operations.”

“The conspirators then demanded that the victims pay them a ransom in cryptocurrency — sometimes in the tens of millions of dollars — in exchange for restoring the victims’ access to the data and promising not to publicly disclose the hack or release victims’ stolen data on a ‘leak’ website.”

Every time a victim paid a ransom, Volkov received a share of the illicit proceeds. He was charged with unlawful transfer of a means of identification, trafficking in access information, access device fraud, and aggravated identity theft, in addition to two counts of computer fraud and conspiracy to commit money laundering.

As part of the guilty plea, the defendant has agreed to pay full restitution to victims, including at least $9,167,198 to known victims to compensate them for their actual losses, along with forfeiting the tools used to pull off the crimes.

U.S. Charges Third Ransomware Negotiator Linked to BlackCat Attacks

The disclosure comes as U.S. prosecutors have charged a third individual with acting as a negotiator for the BlackCat (aka ALPHV) ransomware gang, helping the threat actors extort higher payouts from at least 10 victims. The 41-year-old man, Angelo Martino (previously identified only as “Co-Conspirator 1”), worked as a ransomware negotiator for DigitalMint.

Authorities have confiscated nearly $9.2 million in five types of cryptocurrency (Bitcoin, Monero, Ripple, Solana, and Stellar) from 21 wallets controlled by Martino, in addition to seizing luxury vehicles and properties. He faces up to 20 years in prison. Two other incident responders, Ryan Clifford Goldberg and Kevin Tyler Martin, pleaded guilty to their roles as BlackCat affiliates in December 2025.

In a statement shared with The Record, DigitalMint said the actions were in violation of the company’s policy and ethical standards, and that it had terminated both Martino and Martin after their behavior came to light.

“DigitalMint condemns these individuals’ criminal behavior, which is a clear violation of our values, our ethical standards, and the law,” it said. “Our firm and industry both exist to support organizations suffering from the impacts of a cyberattack, and this runs completely counter to what we stand for.”

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.