The U.S. Department of Justice described Vyacheslav Igorevich Penchukov as a leader of two prolific malware groups that infected thousands of computers with malicious software.
He was arrested in Geneva, Switzerland, in 2022 and extradited to the U.S. last year.
VYACHESLAY IGOREVICH PENCHUKOV
Vyacheslav Igorevich Penchukov is also known as Vyacheslav Igorevich Andreev.
In February, Penchukov, 38, pleaded guilty to conspiracy to commit racketeering in Nebraska and wire fraud in North Carolina as part of a plea agreement in which both sides agreed to a nine-year prison sentence.
At sentencing, Assistant U.S. Attorney John Higgins said the government was seeking $75,667,360 in restitution and that, as part of the deal, Penchukov agreed to forfeit $41,522,748, covering the full amount of loss connected to the Nebraska case and 36% of the loss in the North Carolina case.
Penchukov offered an apology to anyone affected by his cyber crime activity. He said he had gotten involved in criminal activity at a young age.
"And I didn't think about the possible consequences, and I didn't think that real people were behind those computers," he said.
Penchukov said only when he arrived in the United States did he "realize the real situation."
Now, in phone calls, his young son asks him when he'll get to come home and when the war in Ukraine will be over. He said following his sentencing that he hoped to be able to give him at least one answer.
The Department of Justice said Penchukov, also known as "Tank," helped lead a wide-ranging racketeering enterprise and conspiracy that infected thousands of business computers with malicious software known as "Zeus" beginning in 2009.
After installing "Zeus" on victims’ computers, the schemers used the malicious software to capture bank account information, passwords and PINs and other information necessary to log into online banking accounts.
At least two businesses in Nebraska and Iowa were targeted by Zeus malware in 2009 and 2010, according to the U.S. Department of Justice. In one case, a Council Bluffs business had nearly $60,000 removed from its account with First National Bank of Omaha by someone posing as an employee.
Two other Ukrainian men indicted alongside Penchukov in 2012 were extradited to the U.S. from the United Kingdom in 2014 on charges related to the Zeus ransomware. Multiple others alleged to have been involved remain on the FBI's most wanted list.
Beginning in 2018, according to the DOJ, Penchukov and co-conspirators began another scheme using a malware known as IcedID or Bokbot, activated when victims opened attachments in spam emails.
In October 2020, the University of Vermont Medical Center fell victim to the scheme, resulting in a loss of over $30 million and leaving the medical center unable to provide many critical patient services for more than two weeks.
©2024 Lincoln Journal Star, Distributed by Tribune Content Agency, LLC.
