A Russian national was sentenced to nearly 7 years in prison after pleading guilty to acting as an initial access broker (IAB) for Yanluowang ransomware attacks.
As 26-year-old Aleksey Olegovich Volkov (also known online as "chubaka.kor" and "nets") admitted in his November guilty plea, he targeted at least eight companies across the United States between July 2021 and November 2022.
Volkov said that he breached corporate networks and sold that access to the Yanluowang ransomware-as-a-service (RaaS) operation, whose affiliates encrypted victims' data and sent ransom demands ranging from $300,000 to $15 million.
He was extradited to the U.S. after being arrested in Italy in January 2024. U.S. prosecutors charged him after the Yanluowang gang stole non-sensitive files from a Cisco employee's Box folder, but failed to encrypt systems and collect a ransom.
"As part of his plea, Volkov admitted that he and his co-conspirators hacked into numerous victims' computer networks, stole their data, deployed ransomware, demanded payment in cryptocurrency to exchange for restoring access to the data, and divided the ransom payments among themselves," the Justice Department said on Monday.
As revealed in court documents, the FBI recovered chat logs, stolen data, victims' network credentials, and evidence that Yanluowang email accounts were used for ransom negotiations after seizing a server linked to the ransomware gang.
They also traced Volkov's identity through Apple iCloud data, cryptocurrency exchange records, and social media accounts (including a Twitter account) linked to his Russian passport and phone number.
The recovered chat logs showed Volkov negotiating deals with an accomplice for a percentage of the ransom payments in exchange for providing credentials to some of Yanluowang's victims' networks. The FBI said that Volkov's percentage of the collected ransoms reached $1.5 million.
According to an affidavit signed by FBI Special Agent Jeffrey Hunter, while reviewing documents obtained from Volkov's Apple account, the investigators also discovered a screenshot of a chat with a user named LockBit, suggesting an additional potential link to the notorious LockBit ransomware gang.
Volkov was sentenced to 81 months in prison after initially facing a maximum sentence of 53 years, and is required to pay over $9 million in restitution to the victims of the Yanluowang ransomware attacks.