Arent Fox, 06 November 2020
On October 30, 2020, a Russian national was sentenced to eight years in prison for his role in a scheme to illicitly obtain and use sensitive personal and financial information online over the course of twelve years, resulting in more than $100 million in estimated losses. In February, the defendant pled guilty to conspiracy to commit bank and wire fraud.
The government alleged that, from 2007 through 2019, the defendant and other cybercriminals used “botnets,” or networks of infected computers, to engage in a large-scale scheme to steal and traffic sensitive information, such as personally identifiable information and online banking credentials.
According to court documents, the defendant wrote software scripts and manually searched online data to mine for easily monetized information. Over the course of the scheme, the defendant allegedly possessed and monetized over 200,000 unauthorized access devices containing either personally-identifying information or financial account information.