Aleksandr Sikerin, whose last known address was in St. Petersburg, Russia, is affiliated with a notorious ransomware gang known as REvil that has cost US businesses millions of dollars, the Justice Department alleged in a complaint filed in the Northern District of Texas Dallas Division.
The cryptocurrency account, or “wallet,” that is now under the FBI’s control is “traceable to ransomware attacks committed by Sikerin,” the complaint states.
The seizure is part of an ongoing US law enforcement effort to stymie the sources of funding for Russian and Eastern European cybercriminals following a series of damaging ransomware attacks on US infrastructure. It comes as the White House continues to appeal to Russian President Vladimir Putin to take action against hackers operating from Russian soil.
But the seizures are just a fraction of what REvil members have pocketed from their computer intrusions. From April 2019 to July 2021, victims in the US and elsewhere paid extortionists more than $200 million following hacks committed with the REvil ransomware, according to the new complaint.
The law enforcement offensive against REvil and other ransomware gangs has leaned heavily on private firms. Cybersecurity company McAfee more than two years ago identified some of the cryptocurrency accounts used by various people linked with REvil, and documented how the hackers split their ill-gotten gains.