U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage

U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage Ravie LakshmananMar 24, 2026Cybercrime / Network Security A 26-year-old Russian citizen has been sentenced in the U.S. to 6.75 years (81 months) in prison for his role in assisting major cybercrime groups, including the Yanluowang ransomware crew, in conducting numerous attacks against U.S. companies and other organizations. According to the U.S. Department of Justice (DoJ), Aleksei Olegovich Volkov facilitated dozens of ransomware attacks across the U.S., causing more than $9 million in actual losses and over $24 million in intended losses. Volkov was arrested on January 18, 2024, in Italy and extradited to the U.S. to face charges. He pleaded guilty to the crimes in November 2025. Volkov is said to have served as an initial access broker responsible for obtaining unauthorized access to computer networks and systems belonging to various organizations and selling that access to other criminal groups, including ransomware actors. This was accomplished by exploiting vulnerabilities or finding ways to access the networks without authorization. "Volkov's co-conspirators then used the access Volkov provided to infect the affected computer networks and systems with malware," the DoJ said. "This malware encrypted the victims' data and prevented the victims from accessing it, damaging their business operations." "The conspirators then demanded that the victims pay them a ransom in cryptocurrency — sometimes in the tens of millions of dollars — in exchange for restoring the victims' access to the data and promising not to publicly disclose the hack or release victims’ stolen data on a 'leak' website." Every time a victim paid a ransom, Volkov received a share of the illicit proceeds. He was charged with unlawful transfer of a means of identification, trafficking in access information, access device fraud, and aggravated identity theft, in addition to two counts of computer fraud and conspiracy to commit money laundering. As part of the guilty plea, the defendant has agreed to pay full restitution to victims, including at least $9,167,198 to known victims to compensate them for their actual losses, along with forfeiting the tools used to pull off the crimes. U.S. Charges Third Ransomware Negotiator Linked to BlackCat Attacks The disclosure comes as U.S. prosecutors have charged a third individual with acting as a negotiator for the BlackCat (aka ALPHV) ransomware gang, helping the threat actors extort higher payouts from at least 10 victims. The 41-year-old man, Angelo Martino (previously identified only as "Co-Conspirator 1"), worked as a ransomware negotiator for DigitalMint. Authorities have confiscated nearly $9.2 million in five types of cryptocurrency (Bitcoin, Monero, Ripple, Solana, and Stellar) from 21 wallets controlled by Martino, in addition to seizing luxury vehicles and properties. He faces up to 20 years in prison. Two other incident responders, Ryan Clifford Goldberg and Kevin Tyler Martin, pleaded guilty to their roles as BlackCat affiliates in December 2025. In a statement shared with The Record, DigitalMint said the actions were in violation of the company's policy and ethical standards, and that it had terminated both Martino and Martin after their behavior came to light. "DigitalMint condemns these individuals' criminal behavior, which is a clear violation of our values, our ethical standards, and the law," it said. "Our firm and industry both exist to support organizations suffering from the impacts of a cyberattack, and this runs completely counter to what we stand for." Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post. SHARE     Tweet Share Share SHARE  cryptocurrency, Cybercrime, cybersecurity, data breach, identity theft, law enforcement, Malware, network security, ransomware Trending News Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days Meta to Shut Down Instagram End-to-End Encrypted Chat Support Starting May 2026 Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse ⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents and More Veeam Patches 7 Critical Backup and Replication Flaws Allowing Remote Code Execution Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8 ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack and More CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths Load More ▼ Popular Resources Get the 2026 ASV Report to Benchmark Top Validation Tools Webinar - Identify Key Attack Paths to Your Crown Jewels with CSMA Guide - Discover How to Validate AI Risks With Adversarial Testing Fix Security Noise by Focusing Only on Validated Exposures