US offers $2.5m bounty for on-the-run malware dev

The United States Department of State has placed a $2.5m (£1.9m) bounty on the head of a Belarusian malware developer indicted earlier this month over his involvement in the development and distribution of the infamous Angler exploit kit (AEK).

Volodymyr Kadariya – also styled Vladimir Kadaria – aged 38, is accused of assisting co-conspirator Maksim Silnikau, also known as “JP Morgan”, in operating a major cyber criminal cartel spanning over 10 years.

“Kadariya is charged with cyber crime offences associated with an alleged scheme to transmit the Angler exploit kit, other malware and online scams to the computers of millions of unsuspecting victim internet users through online advertisements … and other means from October 2013 through March 2022,” the State Department notice reads.

“At times during the scheme, the AEK was a leading vehicle through which cyber criminals delivered malware onto compromised electronic devices.”

Besides AEK, which was used to distribute malware and ransomware through malvertising campaigns, the men also allegedly made tens of millions of dollars from ransomware strains including Reveton and Ransom Cartel. In doing so, they pioneered the now well-in-use ransomware-as-a-service (RaaS) cyber crime model, leasing their malwares to low-skilled criminals.

If caught, Kadariya will face charges of conspiracy to commit wire fraud, conspiracy to commit computer fraud and substantive wire fraud. These crimes carry a maximum penalty of 27 years in jail in the first instance, 10 in the second, and 40 in the third.

It’s comparatively rare for Russian and Belarusian cyber criminals to face justice given both states are under heavy sanctions over Russia’s invasion of Ukraine, and do not cooperate with extradition requests. However, as was the case with Silnikau, who was seized in July in Estepona, a resort town located on Spain’s Costa del Sol, such individuals do sometimes take it upon themselves to travel outside “safe” jurisdictions.

ImmuniWeb CEO Ilia Kolochenko said that should a reward be paid out, its recipient may well be far from innocent themselves.

“Due to the rapidly unfolding geopolitical crisis, which progressively affects more and more countries, former partners in cyber crime and friendly hacking groups increasingly become irreconcilable enemies for ideological reasons,” he said.

“Moreover, competition on the global cyber crime market also intensifies, so even ideologically similar hacking groups may report each other to law enforcement to make some money and to get a bigger market share.”

The US government is encouraging anybody with information to contact the Secret Service via email at [email protected]. Those located outside the US should contact their local embassy or consulate.