FBI’s Most-Wanted Zeus and IcedID Malware Mastermind Pleads Guilty

Vyacheslav Igorevich Penchukov, a 37-year-old Ukrainian national, has pleaded guilty to his involvement in two schemes: Zeus and IcedID. The two groups, of which he was a leader, infected thousands of computers with malware between May 2009 and February 2021, leading to and the theft of millions of dollars. Penchukov, also known as Vyacheslav Igoravich Andreev, father, and tank, was arrested by Swiss authorities in October 2022 and extradited to the U.S. in the same year. He was added to the FBI's most-wanted list in 2012.

According to the U.S. Department of Justice (DoJ), Penchukov played a vital role in the Jabber Zeus group, a wide-ranging racketeering enterprise that used the Zeus banking malware to steal bank account information, passwords, personal identification numbers, and other details necessary to log in to online banking accounts. Penchukov and his co-conspirators, masquerading as employees of the victims, initiated unauthorized fund transfers and used individuals residing in the U.S. and other parts of the world as “money mules” to receive the wired funds. The funds were ultimately funneled to overseas accounts controlled by Penchukov and his associates. A successor to Zeus was dismantled in 2014.

Penchukov was also accused of facilitating malicious activity by helping lead attacks involving the IcedID (aka BokBot) malware from at least November 2018. The malware can act as an information stealer and a loader for other payloads, such as .

Investigative journalist Brian Krebs reported in 2022 that Penchukov managed to evade prosecution by Ukrainian cybercrime investigators for many years due to his political connections with former Ukrainian President Victor Yanukovych. However, following his arrest and extradition, Penchukov pleaded guilty to one count of conspiracy to commit a racketeer-influenced and corrupt organization (RICO) act offense for his leadership role in the Jabber Zeus group. He also pleaded guilty to one count of conspiracy to commit wire fraud for his leadership role in the IcedID group.

Penchukov is set to be sentenced on May 9, 2024, and faces a maximum penalty of 20 years in prison for each count.

The DoJ also recently announced the extradition of a 28-year-old Ukrainian national, Mark Sokolovsky, from the Netherlands in connection with fraud, money laundering, and aggravated identity theft. Sokolovsky was arrested by Dutch authorities in March 2022 and accused of operating and advertising an information stealer known as Raccoon. Sokolovsky leased Raccoon to other cybercriminals on a malware-as-a-service (MaaS) model for $200 monthly. It first became available in April 2019.

According to FBI estimates, the Raccoon malware has harvested at least 50 million unique credentials and forms of identification. Sokolovsky's arrest was accompanied by a coordinated takedown of Raccoon's digital infrastructure. Still, a new version of the malware has since emerged.

Want to read more? Check out the original article available at The Hacker News!
