Russian hacker sentenced to 6.75 years in the U.S. for enabling ransomware attacks that caused over $9M in damages to multiple victims.
A Russian cybercriminal has been sentenced in the United States to 6.75 years in prison for helping ransomware gangs carry out attacks that caused millions of dollars in damage to organizations across the country.
The hacker, Aleksei Olegovich Volkov, 26, played a key role in supporting several cybercrime groups, including the Yanluowang ransomware operation, according to the U.S. Department of Justice. Authorities say his activities helped enable numerous attacks that resulted in more than $9 million in actual losses, with intended damages exceeding $24 million.
Investigators identified Volkov as an initial access broker, a type of cybercriminal who specializes in gaining unauthorized access to corporate networks and then selling that access to other threat actors. These groups typically deploy ransomware after gaining entry, encrypting victim systems and demanding payment to restore access.
Prosecutors said Volkov used a variety of methods to infiltrate targeted systems, including exploiting vulnerabilities and bypassing security protections. After obtaining access credentials, he allegedly sold them to ransomware operators who then carried out attacks against businesses and organizations.
Authorities said the ransomware deployed by Volkov’s co-conspirators encrypted victim data and disrupted operations. The attackers then demanded cryptocurrency payments, sometimes reaching tens of millions of dollars, in exchange for decryption keys and promises not to leak stolen data online.
Volkov was arrested in Italy in January 2024 and later extradited to the United States to face charges. He pleaded guilty in November 2025 to multiple offenses, including computer fraud, trafficking in access credentials, identity theft, and conspiracy to commit money laundering.
As part of his sentence, Volkov has also been ordered to pay at least $9.1 million in restitution to victims affected by the attacks.
U.S. officials say the case highlights the growing role of access brokers in the ransomware ecosystem, where specialized actors sell network entry points to cybercriminal groups that focus on extortion operations.
Reports are sourced from official documents, law-enforcement updates, and credible investigations.
Discover additional reports, market trends, crime analysis and Harm Reduction articles on DarkDotWeb to stay informed about the latest dark web operations.
