US Prisons Russian Access Broker for Aiding Ransomware Attacks

The US Justice Department announced this week that Russian national Aleksei Volkov has been sentenced to 81 months in prison for his role in ransomware attacks.  Volkov, 26, has been accused of taking part in Yanluowang ransomware attacks that caused more than $9 million in losses — the cybercriminals attempted to extort $24 million in ransom from targeted organizations, the DOJ said. The man served as an initial access broker for the operation, gaining access to the targeted organizations’ systems and then handing over that access to other members of the operation, who specialized in malware deployment and data theft. Following his indictment, Volkov was arrested by Italian police in Rome and later extradited to the US to stand trial. The hacker pleaded guilty in November 2025, admitting that he and his co-conspirators hacked into company networks, stole data, deployed ransomware, and demanded a ransom payment.  In addition to the prison sentence, the Russian national has agreed to pay more than $9 million in restitution to victims.  The Yanluowang ransomware group was active in 2021 and 2022. It made headlines in late 2021 for targeting financial corporations and other types of organizations in the United States.  One of the cybercrime gang’s most notable attacks was against Cisco. Information shared by the networking giant in mid-2022 attributed the attack to an initial access broker with ties to the Russia-linked threat actor UNC2447 and to Lapsus$. Related: Russian Ransomware Operator Pleads Guilty in US Related: Dutch Port Hacker Sentenced to Prison Related: 3 Men Charged With Conspiring to Smuggle US Artificial Intelligence to China WRITTEN BY Eduard Kovacs Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering. More from Eduard Kovacs Stryker Says Malicious File Found During Probe Into Iran-Linked Attack M-Trends 2026: Initial Access Handoff Shrinks From Hours to 22 Seconds Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability Critical Quest KACE Vulnerability Potentially Exploited in Attacks US Confirms Handala Link to Iran Government Amid Takedown of Hackers’ Sites Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation Marquis Data Breach Affects 672,000 Individuals CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability Latest News RSAC 2026 Conference Announcements Summary (Day 2) From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI HackerOne Employee Data Exposed in Massive Navia Breach DoE Publishes 5-Year Energy Security Plan Why Agentic AI Systems Need Better Governance – Lessons from OpenClaw Poland Faced a Surge in Cyberattacks in 2025, Including a Major Assault on the Energy Sector RSAC 2026 Conference Announcements Summary (Day 1) Extortion Group Claims It Hacked AstraZeneca Trending Webinar: Securing Fragile OT In An Exposed World March 10, 2026 Get a candid look at the current OT threat landscape as we move past "doom and gloom" to discuss the mechanics of modern OT exposure. Register Webinar: Why Automated Pentesting Alone Is Not Enough April 7, 2026 Join our live diagnostic session to expose hidden coverage gaps and shift from flawed tool-level evaluations to a comprehensive, program-level validation discipline. Register People on the Move The US Senate confirmed Markwayne Mullin as DHS Secretary. 7AI has appointed Israel Barak as its first Chief Information Security Officer. Brian Harrell has been appointed Chief Security Officer at FirstEnergy. More People On The Move Expert Insights Why Agentic AI Systems Need Better Governance – Lessons From OpenClaw Agentic AI platforms are shifting from passive recommendation tools to autonomous action-takers with real system access, (Etay Maor) The Human IOC: Why Security Professionals Struggle With Social Vetting Applying SOC-level rigor to the rumors, politics, and 'human intel' can make or break a security team. (Joshua Goldfarb) How To 10x Your Vulnerability Management Program In The Agentic Era The evolution of vulnerability management in the agentic era is characterized by continuous telemetry, contextual prioritization and the ultimate goal of agentic remediation. (Nadir Izrael) SIM Swaps Expose A Critical Flaw In Identity Security SIM swap attacks exploit misplaced trust in phone numbers and human processes to bypass authentication controls and seize high-value accounts. (Torsten George) Four Risks Boards Cannot Treat As Background Noise The goal isn’t about preventing every attack but about keeping the business running when attacks succeed. (Steve Durbin) Flipboard Reddit Whatsapp Email