Estonian man sentenced to prison for role in cyber intrusions, ransomware attacks

Prosecutors say Berezan bought a Ducati with money he made off of ransomware targets. (Photo by SONNY TUMBELAKA/AFP via Getty Images)


Written by

An Estonian man was sentenced to 66 months in federal prison Friday for participating in ransomware attacks that caused more than $53 million in losses, federal prosecutors said.

Maksim Berezan, 37, was convicted of facilitating computer intrusions, fraudulently obtaining goods and funds and monetizing stolen financial account information.

In addition to his prison sentence, Berezan has been ordered to pay more than $36 million in restitution, according to prosecutors.

Investigators found evidence of Berezan’s ties to ransomware activity when they searched his electronic devices. Prosecutors say they determined Berezan participated in at least 13 ransomware attacks, yielding him about $11 million in cryptocurrency. Seven of Berezan’s victims were based in the U.S.

Recent tallies suggest ransomware hackers are growing more demanding and receiving bigger payouts, even as victims reporting ransomware crimes to the FBI account for a relatively low percentage of complaints compared to other cybercrimes.

Berezan used the profits to buy two Porsches, a Ducati motorcycle and jewelry, prosecutors said. Police also found more than $200,000 and electronic devices storing bitcoin worth about $1.7 million, prosecutors said.

Berezan was extradited to the U.S. from Latvia, where he was arrested. He pleaded guilty in April 2021 to conspiracy to commit wire fraud affecting a financial institution and conspiracy to commit access device fraud and computer intrusions. Prosecutors said Berezan was an active member of an “exclusive” online forum for Russian-speaking cybercriminals. They allege that Berezan participated in the forum, which was used to exchange cybercrime tips and tools, from 2009 through 2015.

“This case is a prime example of how the Department of Justice can leverage its traditional tools —criminal investigations and prosecutions — to combat ransomware,” said Assistant Attorney General Kenneth Polite Jr. of the Justice Department’s Criminal Division. “Many of the world’s ransomware players began as fraudsters engaged in other types of online crimes, and this case demonstrates that their crimes will catch up to them.”

Lana Manitta, a lawyer for Berezan, did not return a call seeking comment.

-In this Story-

cryptocurrency, Department of Justice (DOJ), Estonia, ransomware, U.S. courts