Hacker ‘Tank’ gets prison sentence for connections to Zeus and IcedID malware

Avatar

The U.S. justice system closed the book on a long-running criminal hacking case Thursday, as a Nebraska federal judge sentenced a Ukrainian national to prison and ordered him to pay millions of dollars in restitution for participating in two notorious malware schemes.

Vyacheslav Igorevich Penchukov, 37, had pleaded guilty in February to charges associated with helping  operate the Zeus banking malware in the 2010s and later the IcedID infostealer, also known as Bokbot.

Wired first reported the sentencing, which essentially sends Penchukov to prison for nine years with three years of supervised release. The judge also ordered him to pay $73 million in restitution. Penchukov had pleaded guilty to one count of conspiracy to engage in racketeering and another count of conspiracy to commit wire fraud.

Known as “Tank” in hacker circles, Penchukov had been on the FBI’s Most Wanted list for more than a decade before he was arrested in Switzerland in 2022 and extradited to the U.S. in 2023.

He was originally named in a 2014 indictment against the JabberZeus Crew, which began spreading Zeus in 2009, according to prosecutors. The malware captured banking account passwords and other information that allowed the cybercriminals to pose as account holders and drain their money. 

Hired “money mules” would then receive the money in their own bank accounts and withdraw it to accounts controlled by Penchukov and his fellow cybercriminals, the Department of Justice (DOJ) said in February.

Alleged Zeus co-conspirators included Maksim Yakubets and Evgeniy Bogachev are both wanted by the U.S. government, which is offering multimillion-dollar rewards for each.

Prosecutors said Penchukov helped run the IcedID operation from at least November 2018 through February 2021. The malware collects and transmits information from infected computers, including banking credentials. 

“One such victim of this ransomware attack was the University of Vermont Medical Center, causing the loss of over $30 million from this victim alone, and left the medical center unable to provide many critical patient services for over two weeks,” the DOJ said.

CybercrimeGovernmentNews BriefsNews
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Joe Warminsky

is the news editor for Recorded Future News. He has more than 25 years experience as an editor and writer in the Washington, D.C., area. Most recently he helped lead CyberScoop for more than five years. Prior to that, he was a digital editor at WAMU 88.5, the NPR affiliate in Washington, and he spent more than a decade editing coverage of Congress for CQ Roll Call.

 

Total
0
Shares
Previous Post

Indiana county files disaster declaration following ransomware attack

Next Post

Hackers stole ‘nearly all’ call logs over six months from AT&T

Related Posts

FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions

The U.S. Federal Bureau of Investigation (FBI) has sought assistance from the public in connection with an investigation involving the breach of edge devices and computer networks belonging to companies and government entities. "An Advanced Persistent Threat group allegedly created and deployed malware (CVE-2020-12271) as part of a widespread series of indiscriminate computer intrusions designed
Avatar
Read More