Ukrainian national sentenced to 9 years in prison for multiple malware campaigns
Vyacheslav Igorevich Penchukov, 37, received two concurrent sentences for his role in the Zeus and IcedID campaigns that stole millions of dollars.
A 37-year-old Ukrainian man has been sentenced to two concurrent nine-year prison terms after pleading guilty earlier this year to being behind two malware campaigns that resulted in tens of millions of dollars in losses.
Viacheslav Igorevich Penchukov’s prison sentence will be followed by a three-year period of supervision.
U.S. District Judge John M. Gerrard also ordered the hacker to pay $73 million in restitution.
Penchukov pleaded guilty to one count of conspiracy to commit a Racketeer Influenced and Corrupt Organizations Act (RICO) crime for his role as a leader in the Zeus malware campaign, as well as one count of conspiracy to commit wire fraud, this time for his leadership role in the IcedID malware organization.
Penchukov, also known as “tank” and “father” online, was originally indicted in 2012 by a federal grand jury in the U.S. District of Nebraska in August 2012 along with Ivan Viktorvich Klepikov (aka “petr0vich”) and Alexey Dmitrievich Bron (aka “the head”). Klepikov and Bron were arrested in 2015 and sentenced a year later.
The Zeus campaign began in 2009 and successfully collected bank details from its victims before emptying their accounts by posing as employees authorized to make bulk transfers to other accounts. Several money mules also participated in the operation.
Later, after being added to the FBI’s cyber most wanted list, Penchukov helped run a malware campaign that spread IcedID, also known as Bokbot. This also collected banking credentials, among other personal information, and was also able to spread ransomware on victims’ networks. The University of Vermont Medical Center lost more than $30 million to Penchukov and his cronies. The IcedID campaign ran from 2018 to 2021.
“Vyacheslav Igorevich Penchukov was the leader of two prolific malware groups that infected thousands of computers with malicious software. “These criminal groups stole millions of dollars from their victims and even attacked a major hospital with ransomware, leaving it unable to provide critical care to patients for more than two weeks,” he said in a Feb. 15 statement.
“Prior to his arrest and extradition to the United States, the defendant was a fugitive on the FBI’s Most Wanted list for nearly a decade. “Today’s guilty pleas should serve as a clear warning: the Department of Justice will never relent in its pursuit of cybercriminals.”