An Estonian man was sentenced on March 25 to 66 months in prison for his years-long role in furthering and facilitating computer intrusions, the movement of fraudulently obtained goods and funds, and the monetization of stolen financial account information. He also participated in ransomware attacks causing over $53 million in losses and was ordered to pay over $36 million in restitution.
According to court documents, Maksim Berezan, 37, of Estonia, who was apprehended in Latvia and extradited to the United States, pleaded guilty in April 2021 to conspiracy to commit wire fraud affecting a financial institution and conspiracy to commit access device fraud and computer intrusions. Berezan was an active member of an exclusive online forum designed for Russian-speaking cybercriminals to gather safely and exchange their criminal knowledge, tools, and services. From 2009 through 2015, Berezan not only furthered the criminal aims of the forum, but he also worked closely with forum members and other cybercriminals for purposes of obtaining and exploiting stolen financial account information.
According to court documents, following Berezan’s arrest, investigators uncovered within his electronic devices evidence of his involvement in ransomware activities. The post-extradition investigation determined that Berezan had participated in at least 13 ransomware attacks, seven of which were against U.S. victims, and that approximately $11 million in ransom payments flowed into cryptocurrency wallets that he controlled. Berezan used his ill-gotten gains to purchase two Porsches, a Ducati motorcycle, and an assortment of jewelry. In addition, authorities recovered from Berezan’s residence currency worth more than $200,000 and electronic devices storing passphrases to bitcoin wallets that contained bitcoin worth approximately $1.7 million, which has been forfeited.
“This case is a prime example of how the Department of Justice can leverage its traditional tools – criminal investigations and prosecutions – to combat ransomware,” said Assistant Attorney General Kenneth A. Polite Jr. of the Justice Department’s Criminal Division. “Many of the world’s ransomware players began as fraudsters engaged in other types of online crimes, and this case demonstrates that their crimes will catch up to them. The United States is committed to working with its international partners to hold cybercriminals accountable.”