Russian indicted for selling access to US corporate networks

May 28, 2024 at 02:39PM

Evgeniy Doroshenko, a Russian national, has been indicted in the U.S. for wire and computer fraud. He allegedly acted as an “initial access broker,” gaining unauthorized entry to corporate networks and selling access on Russian-language cybercrime forums. The charges carry a maximum of 20 years imprisonment and a $250,000 fine for wire fraud, and up to 5 years imprisonment and a similar fine for computer fraud. Doroshenko has not been arrested and, being in Russia, may evade prosecution unless he leaves the country.

Key points:

– Evgeniy Doroshenko, a 31-year-old Russian national, has been indicted for wire and computer fraud in the United States. He is accused of acting as an “initial access broker” from February 2019 to May 2024.
– An initial access broker (IAB) breaches corporate networks and sells the access to other threat actors for data theft or ransomware attacks.
– Doroshenko, known online as “FlankerWWH” and “Flanker,” allegedly gained unauthorized access to corporate networks and offered to sell this access on Russian-language cybercrime forums.
– The indictment mentions an incident from January 2024 when the FlankerWWH alias attempted to sell access to the network of a company in Bergen County, New Jersey.
– Using KELA’s cyber-intelligence tools, BleepingComputer located an auction for this company, with a starting price of $3,000 and a “flash sale” figure at $6,000.
– Doroshenko’s preferred attack method was breaching networks by brute-forcing exposed Remote Desktop Protocol services. He was also spotted requesting help with cracking NTLM hashes and removing passwords from Excel spreadsheets, as well as advice on contacting the developer of a keylogger.
– The indictment also mentions a case where Doroshenko stole information valued at over $5,000 from one of the systems he breached.
– The wire fraud charge carries a maximum sentence of 20 years in prison and a fine of $250,000, while the computer fraud charge is punishable by up to five years of imprisonment and a similar fine.
– As of now, the suspect hasn’t been arrested, and it seems unlikely that he will be unless he leaves Russia.
