Cyber chronicle, 17.11.2022, 10:00 AM
A 40-year-old Ukrainian, Vyacheslav Penchukov, one of the leaders of the notorious JabberZeus gang, was arrested in Geneva last month and will be extradited to the United States, the Swiss Federal Office of Justice (FOJ) confirmed.
Penchukov, who is known as the hacker “Tank” and has been wanted for 10 years, is on the FBI’s most wanted criminals list. He was “arrested on October 23 at the behest of the Federal Office of Justice (FOJ) and based on a US extradition request and detained pending extradition,” Swiss prosecutors said.
Although Penchukov formally objected to the extradition request during a hearing on October 24, the FIU decided on Tuesday that he should be extradited to the US. He can appeal this decision to the Swiss Federal Criminal Court and then to the Swiss Supreme Court.
About the arrest of Penchukov first reported by well-known journalist Brian Krebs, referring to “multiple sources”. Krebs reported that Penchukov, who is originally from Donetsk, was traveling to Geneva to meet his wife when he was detained.
The US Department of Justice first accused Penchukov in 2012 of being involved in a conspiracy to steal millions of dollars that used bank account numbers, passwords and other sensitive information stolen using the notorious “Zeus” malware.
In a new indictment filed in 2014 by the Nebraska District Attorney’s Office he is accused, along with eight others, of being part of a “large racketeering enterprise and conspiracy that infected thousands of business computers with malware known as “Zeus”.” The indictment alleges “that the Zeus malware stole passwords, account numbers and other information necessary to log into bank accounts” from which the defendants transferred money to the accounts of mullahs who took a commission for the service before the stolen funds ended up in the hands of the leaders groups.
All those named in the indictment are accused of racketeering, computer fraud, identity theft and bank fraud.
Two of Penchukov’s accomplices, Ukrainian citizens Jevhen Kulibaba and Yuriy Konovalenko, pleaded guilty in November 2014 after being extradited to the United States from Great Britain and were sentenced to two years and ten months in prison in May 2015.
Penchukov was also one of the managers of Maze and Egregor ransomware operations.
Maze ransomware has popularized double extortion attacks, where attackers steal data and use it as an additional tool to pressure victims into paying a ransom. Maze was later renamed to operations Egregor and Sekhmet to avoid problems with the police.
Penchukov was among the suspects arrested in January 2021 by Ukrainian police following an international operation targeting members of the Egregor ransomware gang. However, according to Krebs’ information, he managed to avoid prosecution with the help of political connections he had, including the late son of former Ukrainian president Viktor Yanukovych, who now lives in Russia.