Estonian man sentenced to prison for role in cyber intrusions, ransomware attacks

Prosecutors say Maksim Berezan made millions in bitcoin from ransomware targets and other cybercrimes.
Prosecutors say Berezan bought a Ducati with money he made off of ransomware targets. (Photo by SONNY TUMBELAKA/AFP via Getty Images)

An Estonian man was sentenced to 66 months in federal prison Friday for participating in ransomware attacks that caused more than $53 million in losses, federal prosecutors said.

Maksim Berezan, 37, was convicted of facilitating computer intrusions, fraudulently obtaining goods and funds and monetizing stolen financial account information.

In addition to his prison sentence, Berezan has been ordered to pay more than $36 million in restitution, according to prosecutors.

Investigators found evidence of Berezan’s ties to ransomware activity when they searched his electronic devices. Prosecutors say they determined Berezan participated in at least 13 ransomware attacks, yielding him about $11 million in cryptocurrency. Seven of Berezan’s victims were based in the U.S.


Recent tallies suggest ransomware hackers are growing more demanding and receiving bigger payouts, even as victims reporting ransomware crimes to the FBI account for a relatively low percentage of complaints compared to other cybercrimes.

Berezan used the profits to buy two Porsches, a Ducati motorcycle and jewelry, prosecutors said. Police also found more than $200,000 and electronic devices storing bitcoin worth about $1.7 million, prosecutors said.

Berezan was extradited to the U.S. from Latvia, where he was arrested. He pleaded guilty in April 2021 to conspiracy to commit wire fraud affecting a financial institution and conspiracy to commit access device fraud and computer intrusions. Prosecutors said Berezan was an active member of an “exclusive” online forum for Russian-speaking cybercriminals. They allege that Berezan participated in the forum, which was used to exchange cybercrime tips and tools, from 2009 through 2015.

“This case is a prime example of how the Department of Justice can leverage its traditional tools —criminal investigations and prosecutions — to combat ransomware,” said Assistant Attorney General Kenneth Polite Jr. of the Justice Department’s Criminal Division. “Many of the world’s ransomware players began as fraudsters engaged in other types of online crimes, and this case demonstrates that their crimes will catch up to them.”

Lana Manitta, a lawyer for Berezan, did not return a call seeking comment.

Suzanne Smalley

Written by Suzanne Smalley

Suzanne joined CyberScoop from Inside Higher Ed, where she covered educational technology and from Yahoo News, where she worked as an investigative reporter. Prior to Yahoo News, Suzanne worked as a consultant to the economist Raj Chetty as he launched his Harvard-based research institute Opportunity Insights. Earlier in her career Suzanne covered the Boston Police Department for the Boston Globe and covered two presidential campaigns for Newsweek. She holds a masters in journalism from Northwestern and a BA from Georgetown. A Miami native, Suzanne lives in upper Northwest Washington with her family.

Latest Podcasts