Suspected Leader of Zeus Cybercrime Gang Arrested in Switzerland
Penchukov Was on the FBI’s List for 10 Years for Racketeering Activity, Bank Fraud, Identity Theft and More.
One of the leaders of the renowned JabberZeus cybercrime group, Vyacheslav Igorevich Penchukov (aka Tank), was detained in Geneva, Switzerland. The group is known for stealing tens of millions of dollars from small and medium-sized companies in the United States and Europe.
The Swiss Federal Office of Justice (FOJ) reported that Penchukov was arrested last month and is awaiting extradition to the United States, although he has the right to appeal the FOJ’s decision.
By order of the Federal Office of Justice (FOJ) and based on an extradition request from the USA, a Ukrainian national was arrested in the Canton of Geneva on 23 October 2022 and detained pending extradition.
The US authorities accuse the prosecuted person of extortion, bank fraud, and identity theft, among other things. During the hearing on 24 October 2022, the person did not consent to his extradition to the USA via a simplified proceeding.
After completion of the formal extradition procedure, the FOJ has decided to grant his extradition to the USA on 15 November 2022. The decision of the FOJ may be appealed at the Swiss Criminal Federal Court, respectively at the Swiss Supreme Court.
Statement from Swiss Police for Bleeping Computer
Penchukov’s detention was first reported by independent journalist Brian Krebs, citing “several sources.” Krebs stated that Penchukov, who is from Donetsk, was arrested while flying to Geneva to visit his wife.
Penchukov’s Role in JabberZeus Gang
In 2012, the U.S. Department of Justice first accused Penchukov of being involved in a scheme to steal millions of dollars using bank account details, passwords, personal identification numbers, and other sensitive information acquired using the infamous Zeus malware.
According to Bleeping Computer, Penchukov was reportedly one of the managers of the Maze and Egregor ransomware campaigns. Maze ransomware is known for performing double-extortion ransomware attacks, in which threat actors stole data and used it as additional leverage to force victims to pay a ransom. Its victims include Xerox, Cognizant, LG Electronics, and Hammersmith Medicines Research, to name a few. Maze eventually changed its name to Egregor and Sekhmet in order to dodge law enforcement.
As one of the leaders of the JabberZeus cybercrime ring, Penchukov supervised the stolen banking credentials and the money mules who transferred funds from victims’ accounts to those controlled by cybercriminals.
Along with eight other defendants, he was charged with “conspiracy to commit racketeering activities, computer fraud and identity theft, aggravated identity theft, and multiple counts of bank fraud”. Two of his accomplices, Ukrainian nationals Yevhen Kulibaba and Yuriy Konovalenko, pleaded guilty in November 2014 and were sentenced to two years and ten months in prison in May 2015.
The FBI had Penchukov on the “Most Wanted” list for ten years; the notice is available here.