A prolific cybercriminal known as J.P.Morgan has been arrested following a coordinated international police investigation.
On July 18, 2023, a day of action was conducted after charges were brought in the US against several individuals. The Guardia Civil, supported by the UK’s National Crime Agency and US officers, apprehended 38-year-old Maksim Silnikau, also known as Maksym Silnikov, in an apartment in Estepona, Spain.
Investigators determined that Silnikau and his associates were responsible for the creation and distribution of notorious ransomware strains, including Reveton and the more recent Ransom Cartel, as well as exploit kits like Angler. These efforts have extorted tens of millions from victims around the globe.
Two other individuals, Vladimir Kadariya, 38, from Belarus, and Andrei Tarasov, 33, from Russia, are also facing charges in the US for their alleged key roles in J.P. Morgan’s crime group.
Silnikau’s criminal activities date back to at least 2011, when he introduced Reveton, the first ransomware-as-a-service business model. This model provided a toolkit that enabled less skilled offenders to launch effective ransomware attacks for a fee.
Victims of Reveton received messages that falsely appeared to come from law enforcement, locking their screens and accusing them of downloading illegal content such as child abuse material and copyrighted programs. This scam reportedly extorted around $400,000 from victims every month between 2012 and 2014.
J.P. Morgan’s network also developed and distributed various exploit kits, including the notorious Angler Exploit Kit, which they employed in ‘malvertising’ campaigns. These campaigns typically involved purchasing legitimate advertising space and embedding malicious exploit kits within the ads.
Once a victim’s device was infected, cybercriminals could exploit it in multiple ways, often stealing banking credentials and sensitive personal information, potentially forcing victims to pay a ransom to avoid having their data published online.
At its peak, Angler accounted for 40% of all exploit kit infections, targeting approximately 100,000 devices and generating an estimated annual revenue of around $34 million.
Paul Foster, deputy director of the National Crime Agency and head of the National Cyber Crime Unit, stated, “Alongside causing significant reputational and financial damage, their scams led victims to experience severe stress and anxiety. Their impact extends beyond the attacks they initiated, as they essentially pioneered both the exploit kit and ransomware-as-a-service models, making it easier for others to engage in cybercrime and continuing to support offenders.”