Denis Mihaqlovic Dubnikov is accused with others of engaging in a variety of financial transactions to conceal cryptocurrency extorted from the victims of Ryuk ransomware attacks from at least August 2018 to August 2021, according to a statement on Wednesday from the US Attorney’s Office in Portland, Oregon.
Ryuk is a type of ransomware that has been used to target thousands of individuals and businesses around the world, but garnered attention in October 2020 after officials warned it was being used to target hospitals and healthcare providers while the country was in the depths of the Covid-19 pandemic.
At the time, Charles Carmakal, strategic services chief technology officer at Mandiant, described the use of Ryuk ransomware to attack hospitals as the most “significant cybersecurity threat we’ve ever seen in the US”. Carmakal added that the Eastern European gang responsible for infecting hospitals with malware was “the most brazen, heartless, and disruptive threat actors” he had ever seen. That gang, known as UNC1878, deliberately targeted the hospitals to extort money from them or force them to shut down their services, officials said.
Dubnikov is accused of laundering more than $400,000 in Ryuk ransom proceeds, the US Attorney’s Office said. The funds were part of a wider scheme among his co-conspirators to launder at least $70-million, according to prosecutors.
Dubnikov was arrested in Amsterdam on 2 November 2021. During his first appearance at a court in Oregon on Wednesday, he pleaded not guilty to the charges.
A five-day jury trial is scheduled to begin on 4 October 2022, according to prosecutors.
If convicted, Dubnikov faces a maximum sentence of 20 years in federal prison, three years’ supervised release, and a fine of $500,000. BM