Fraud Management & Cybercrime , Ransomware
Ryuk-Linked Russian Pleads Guilty in US CourtRussian National Charged With Laundering More Than $400,000 for Ryuk RaaS Group
A Russian national accused of laundering proceeds from Ryuk ransomware pleaded guilty Monday in U.S. federal court to conspiracy to commit money laundering.
Federal prosecutors accused Denis Mihaqlovic Dubnikov, 30, of laundering more than $400,000 for the Ryuk ransomware-as-a-service gang. Cybercriminals deploying Ryuk often extorted hospitals, going on a ransomware binge in fall 2022 that seized the IT systems of hundreds of U.S. medical centers, amounting to one of the largest cyberattacks against the healthcare sector.
See Also: Recovering From a Cyberattack, Responding to the OCR, and Building a Cyber Resilient Posture for the Future: A Conversation with OrthoVirginia CIO, Terri Ripley
Dubnikov faced a one-count indictment filed by prosecutors after his November 2021 arrest in Amsterdam. Following his August 2022 extradition to the United States, Dubnikov entered a plea of not guilty during his first appearance in a federal courtroom in Portland, Oregon (see: Ryuk-Linked Russian Pleads Not Guilty in US Court).
Prosecutors say that Dubnikov specifically accepted 35 bitcoin in July 2019 from a co-conspirator in exchange for approximately $400,000. The cryptocurrency came directly from a ransom paid by an unidentified American company. Dubnikov converted the bitcoin to Tether stablecoin and sent it to a second co-conspirator, who eventually exchanged it for Chinese renminbi.
Dubnikov's role in laundering Ryuk proceeds was relatively minor compared to unidentified co-conspirators who laundered amounts reaching into the tens of millions.
His plea comes as the threat of ransomware shows few indications of retreating - although signs exist that digital extortion through malicious encryption is becoming a harder task for cybercriminals. Fewer victims are willing to pay as companies galvanize defenses and law enforcement mobilizes to assist victims (see: Ransomware Profits Dip as Fewer Victims Pay Extortion).
The healthcare sector nonetheless remains a high-profile target given the often-accurate belief that providers would rather pay up than disrupt medical care.
Sentencing for Dubnikov is set for April 11. He faces up to 20 years in prison and a potential fine of $500,000.