Russian Hacker Jailed for Selling Access to U.S. Networks to Ransomware Gangs

A 26-year-old Aleksei Volkov from St. Petersburg ran a quiet but devastating business for years, cracking open corporate networks and selling the entry to ransomware gangs.

A federal court in the Southern District of Indiana crashed that business permanently, sentencing Volkov to 81 months imprisonment.

He helped bad cyber gangs, including the fierce Yanluowang ransomware group, to hit U.S. ventures with crippling attacks, billing them huge ransoms and causing more than $9 million in confirmed losses. He also pocketed a share of every payment victims made.

The Man Who Sold the Keys to Corporate America

According to investigators, Volkov stood as an “initial access broker”, a specialist looking out for loopholes in corporate networks, infiltrating them without permission, and trading that entry point with other cyber thieves. His buyers were ransomware groups who used the access Volkov provided to plant malware deep inside victims’ systems.

Once the malware took hold, it encrypted company data and locked employees out of their own systems. The ransomware groups then sent demands, sometimes reaching tens of millions of dollars in cryptocurrency, threatening to publish stolen data on leaked websites if victims refused to pay. Some companies paid.

Others watched their confidential records go public. Either way, Volkov took a cut of every ransom payment that landed.

The cryptocurrency used to launder these illicit gains flows through a well-established underground financial system. Russian dark web markets have laundered $2 billion via crypto exchanges, demonstrating the massive scale of the money-laundering infrastructure that enables ransomware groups to cash out their extortion proceeds while evading law enforcement.

Two Indictments, One Arrest, and a Transatlantic Extradition

Federal investigators in two separate districts, the Southern District of Indiana and the Eastern District of Pennsylvania, built cases against Volkov at the same time. 

Collaboratively, the International Affairs of the Justice Department and the Italian government secured his extradition, and authorities consolidated both cases in Indiana.

On November 25, 2025, Volkov stood in court and pleaded guilty to six counts spanning both indictments. These included illicit transfer of ID-able materials, trafficking in access information, aggravated identity theft, access device fraud, conspiracy to execute computer fraud, and conspiracy to execute money laundering.

He confirmed that, together with his co-conspirators, infiltrated the networks of multiple victims, deployed ransomware, requested cryptocurrency payments, and shared the proceeds.

$9 Million in Restitution and a Federal Warning that Reaches Past Borders

The court ordered Volkov to pay full restitution of at least $9,167,198.19 to known victims and to forfeit the equipment for his operation. Prosecutors confirmed his co-conspirators tried to collect more than $24 million in total ransoms, though not all demands succeeded.

Acting FBI Indianapolis Special Agent Timothy O’Malley and Acting FBI Philadelphia Special Agent Wayne A. Jacobs both flagged the case as a significant win. The FBI viewed Volkov’s prosecution as more than one hacker going to prison; it was a direct strike against the supply chain that keeps ransomware operations running.

Senior Counsel Matthew Lamberti of the Justice Department’s Computer Crime and Intellectual Property Section, who led the prosecution alongside a team from two districts, stressed that pursuing initial access brokers sits at the center of the department’s broader strategy to dismantle ransomware ecosystems from the ground up.

The Volkov case joins a growing list of successful cross-border prosecutions stretching U.S. law enforcement far beyond American soil. Bad actors who bank on distance and borders as protection are finding out fast, an arrest in Rome proves the United States is still coming.