U.S. Secret Service’s Investigation Uncovers Fraudster Connected to Multimillion Dollar Ransomware Attacks

Published By
U.S. Secret Service Media Relations

ALEXANDRIA, Va. – A U.S. Secret Service investigation uncovered a cybercriminal sentenced today to 66 months in prison for his years-long role in furthering and facilitating computer intrusions, the movement of fraudulently obtained goods and funds, and the monetization of stolen financial account information. The Estonian man also participated in ransomware attacks causing over $53 million in losses and was ordered to pay over $36 million in restitution.


According to court documents, Maksim Berezan, 37, who was apprehended in Latvia and extradited to the United States, pleaded guilty in April 2021 to conspiracy to commit wire fraud affecting a financial institution and conspiracy to commit access device fraud and computer intrusions. Berezan was an active member of an exclusive online forum designed for Russian-speaking cybercriminals to gather safely and exchange their criminal knowledge, tools, and services. From 2009 through 2015, Berezan not only furthered the criminal aims of the forum, but he also worked closely with forum members and other cybercriminals for purposes of obtaining and exploiting stolen financial account information.


According to court documents, following Berezan’s arrest, investigators uncovered within his electronic devices evidence of his involvement in ransomware activities. The post-extradition investigation determined that Berezan had participated in at least 13 ransomware attacks, 7 of which were against U.S. victims, and that approximately $11 million in ransom payments flowed into cryptocurrency wallets that he controlled.


As reflected in court documents, Berezan used his ill-gotten gains to purchase two Porsches, a Ducati motorcycle, and an assortment of jewelry. In addition, authorities recovered from Berezan’s residence currency worth more than $200,000 and electronic devices storing passphrases to bitcoin wallets that contained bitcoin worth approximately $1.7 million, which has been forfeited.


“The Secret Service remains committed to ensuring that modern conveniences of today that facilitate our lawful transactions and economic health are not leveraged by criminals for illicit activity and personal gain. While we have long been in the business of protecting money, from the earliest days of coins and paper, to plastic, and today’s more accessible and commonplace digital currencies, we also remain in parallel footprint to the evolution of criminal behavior into cyberspace,” said U.S. Secret Service Special Agent in Charge Matthew Stohler.

“Ransomware thieves are not safe in any dark corner of the internet in which they may think they can hide from our highly trained investigators and law enforcement partners worldwide. Together with our critical partners we are dedicated to protecting the public, and securing every iteration of our money and every part of our national financial infrastructure.”