The U.S. justice system closed the book on a long-running criminal hacking case Thursday, as a Nebraska federal judge sentenced a Ukrainian national to prison and ordered him to pay millions of dollars in restitution for participating in two notorious malware schemes.
Vyacheslav Igorevich Penchukov, 37, had pleaded guilty in February to charges associated with helping operate the Zeus banking malware in the 2010s and later the IcedID infostealer, also known as Bokbot.
Wired first reported the sentencing, which essentially sends Penchukov to prison for nine years with three years of supervised release. The judge also ordered him to pay $73 million in restitution. Penchukov had pleaded guilty to one count of conspiracy to engage in racketeering and another count of conspiracy to commit wire fraud.
Known as “Tank” in hacker circles, Penchukov had been on the FBI’s Most Wanted list for more than a decade before he was arrested in Switzerland in 2022 and extradited to the U.S. in 2023.
He was originally named in a 2014 indictment against the JabberZeus Crew, which began spreading Zeus in 2009, according to prosecutors. The malware captured banking account passwords and other information that allowed the cybercriminals to pose as account holders and drain their money.
Hired “money mules” would then receive the money in their own bank accounts and withdraw it to accounts controlled by Penchukov and his fellow cybercriminals, the Department of Justice (DOJ) said in February.
Alleged Zeus co-conspirators included Maksim Yakubets and Evgeniy Bogachev are both wanted by the U.S. government, which is offering multimillion-dollar rewards for each.
Prosecutors said Penchukov helped run the IcedID operation from at least November 2018 through February 2021. The malware collects and transmits information from infected computers, including banking credentials.
“One such victim of this ransomware attack was the University of Vermont Medical Center, causing the loss of over $30 million from this victim alone, and left the medical center unable to provide many critical patient services for over two weeks,” the DOJ said.
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Joe Warminsky
is the news editor for Recorded Future News. He has more than 25 years experience as an editor and writer in the Washington, D.C., area. Most recently he helped lead CyberScoop for more than five years. Prior to that, he was a digital editor at WAMU 88.5, the NPR affiliate in Washington, and he spent more than a decade editing coverage of Congress for CQ Roll Call.