Ransomware Scammer Gets Five Years

John Lister's picture

An Estonian man will spend more than five years in a US jail for ransomware scams. Maksim Berezan took more than $50 million from victims.

Many scammers get away with online crimes because they operate in countries with a lax attitude to crimes committed against people outside their national borders. That was not the case with Berezan, who was arrested in Latvia and extradited to the US. Justice Department officials thanked authorities in both Latvia and Estonia for their cooperation.

Although Berezan pleaded guilty in April last year, he's only just been sentenced for "conspiracy to commit wire fraud affecting a financial institution and conspiracy to commit access device fraud and computer intrusion."

$36 Million Fine

His sentence was 66 months in prison, with an order to pay back $36 million to victims. His attacks reportedly cost victims more than $53 million in losses, which could include money paid in ransoms, lost business, and costs of restoring or recreating data. (Source: justice.gov)

How much he'll actually repay remains to be seen. Authorities have already seized the equivalent of $1.7 million after searching his residence and finding electronic devices that stored the password for bitcoin wallets, which allow access to cryptocurrency that can be exchanged for cash.

The full extents of Berezan's crimes may not be known, but an investigation revealed he took part in an online forum for cyber criminals for six years. Investigators confirmed he took part in at least 13 ransomware attacks, seven against victims in the US.

Money Still Missing

In total, investigators could prove he collected more than $11 million in ransomware payments, though the true figure may be larger and include payments whose recipient can't be identified.

Police said Berezan had used the stolen money to buy "two Porsches, a Ducati motorcycle, and an assortment of jewelry" and that he had $200,000 in cash at his residence. That suggests there's still a huge amount of his ill-gotten gains yet to be tracked down. (Source: zdnet.com)

What's Your Opinion?

Is this a suitable sentence? Does this case increase your confidence that ransomware scammers will eventually be brought to justice? Should governments around the world work more closely to deal with online crimes?

Rate this article: 
Average: 4.7 (6 votes)


repete_14444's picture

Although this is a good start, there is so much online "conspiracy to commit wire fraud affecting a financial institution and conspiracy to commit access device fraud and computer intrusion", most scammers get away with it.

curtf_15864's picture

He should be held in jail until most if not all of the money he stole is returned. That should give him an incentive to disclose where it is. But 5 years isn't enough and should be a minimum of 10 years, long enough so that he'll think twice before doing it again.