According to US Attorney Annette L. Hayes, US District Judge Thomas S. Zilly sentenced another individual in connection with a massive “ScareWare” scam. The defendant, a 37-year-old citizen of Belarus named Alexander Mihailovski, pleaded guilty to conspiracy to commit wire fraud in 2016. Although the FBI named Mihailovski in 2012 indictment, Mihailovski avoided any run-ins with law enforcement until police in Vienna, Austria grabbed him in 2015. Authorities extradited the suspected hacker to the US in early 2016.
A coordinated cybercrime operation known as Operation Trident Tribunal identified Mihailovski through an international partner agency. As often the case with hackers, the FBI called dibs on charging and extraditing the foreign suspect. The US, additionally, stood alongside many countries that wanted to take down the group responsible for $71-million in online scams.
According to both the indictment and Judge Thomas S. Zilly, Mihailovski operated the money launderer for the group. He, long story short, operated a payment platform. The payment platform allowed the group to use proceeds from their $129 “Scareware” a lower risk of being traced. Judge Zilly said, “You provided an important part of the total scheme… by making it appear legitimate…. People who commit these crimes will be apprehended and will be punished.” Judge Zilly made the point quite clear: that the US will do anything to ensure these types of criminals face justice. He never clarified whether or not other countries received US permission to prosecute criminals in their own country—or if only the US had this right.
Operation Trident Tribunal targeted the cybercrime group that infected victim’s computers with “Scareware.” Scareware, while resembling the current cybersecurity buzzword—ransomware—in suffix alone, is an infectious piece of software that aims to scare the victim. Instead of touching a victim’s files, Scareware tries to scare the user into buying the only software that will keep the victim from other attackers. Notably, if the Scareware ever manipulated the files on a machine, it simply disabled the previously installed anti-virus.
If a user refused to purchase the group’s anti-virus, the intimidation software blocked access to a file but never deleted it. According to court documents, this rarely happened. Victims, more often than not, bought the “anti-virus” software. And that purchase went through Mihailovski’s payment processor.
US Attorney Annette L. Hayes shared her insight as to why hackers and bank robbers shared needs. “Like so many others, he thought he would get away with his crimes,” she said.
“Just like a bank robber needs a get-away driver, cyber fraudsters need people to turn their electronic scams into cash. This defendant ran a credit card processing company that was essentially ripping off nearly $71 million dollars from unsuspecting computer users. Like so many others, he thought he would get away with his crimes. Instead, close cooperation with our worldwide law enforcement partners allowed us to track him down and get him back to the United States to face justice.”
Alexander Mihailovski received a sentence that consisted entirely prison time. Four years.