Russian cyber-criminals are hard to arrest, because there is no extradition treaty between the US and Russia. The Russian government allows them to prosper as long as they do not attack anything in Russia. The Russian government also contracts with these criminal groups when they need some state sponsored hacking done, a la Grizzly Steppe. In Russia, these guys are considered to be just very successful business men. They have achieved the status of super heroes in their own country, because they excel at transferring billions of dollars from the West into the Russian economy.
But every super hero has his cryptonite, and for the Russian cyber-criminal it is the foreign vacation.
Roman Seleznev, the son of a Russian parliament member, was whisked away from a tropical vacation in the Maldives by a covert ops team and flown to Guam. Roman thought the Maldives would be perfect since it has no extradition treaties either, but that turned out to be not so much of a protection as he hoped. He awaited trial in in the US in Seattle, and last year was convicted of running a huge credit card and identity theft operation.
Recently the Minneapolis office of the FBI reported on the guilty plea of another Russian cyber-criminal, Maxim Senahk. Senahk ran one of the largest bot-nets on the Internet. He was indicted back in 2015, but was finally arrested when he tried to cross the border into Finland, to visit his sister. Finnish law enforcement, the Bundeskriminalamt, or BKA arrested Senahk and had him extradited to the US. He plead guilty in a Minneapolis Federal Court this March, and will be sentenced in August.
And on Friday April 7, Pyotr Levashov was arrested in Barcelona, Spain, under a US international arrest warrant. Levashov is thought to have been involved in hacking linked to the US presidential election last year. Brian Krebs reported that Levashov is also known as the hacker “Severa”, a “pivotal figure in many Russian-language cybercrime forums, ” and is #7 on the Spamhaus list of the top ten worst spammers.
Several other Russian hackers have been arrested in the last few years when visiting places such as Prague or Mediterranean coast. They may be safe inside Russia, but it seems that sooner or later they get the itch to travel, and then they get pinched.
For more details you can click through the links below.