Earlier this month, Tripwire announced Computer Criminals Brought to Justice, a continuation of its 10 Notorious Computer Criminals Brought to Justice series, by investigating the story of a young man who was recently arrested in connection with the 2014 hack of the U.S. Department of Defense.
This week, we continue our series with Aleksei Shushliannikov, a hacker who is responsible for having used ransomware in an attempt to launder money from victims via MoneyPak.
According to a press release issued by the Department of Justice U.S. Attorney’s Office in the District of Massachusetts, Aleksei Shushliannikov, 23, and a co-conspirator initiated their scheme by infecting victims’ computers with ransomware. In many cases, they posed as the FBI and stated that they had frozen the computers as a result of law enforcement activity. Leveraging this fake authority, the hackers told the affected users that they would restore user access to the files if and when the victims purchased a MoneyPak and sent the MoneyPak number to the hackers.
MoneyPak is a prepaid card that allows online users to transfer funds from one card to another. The service functions similarly to cash, with users being able to complete transactions with relative ease and anonymity.
This makes MoneyPak a favorite among computer criminals. Indeed, rather than risk being caught on videotape withdrawing funds from physical cards, Shushliannikov and his fellow hacker used MoneyPak to help protect their identities.
Once the victims sent over their MoneyPak numbers, the hackers purchased the numbers and used the identities of uninvolved persons to open prepaid credit cards. Shushliannikov ultimately obtained these cards by choosing a number of mail drops throughout New England, particularly at seemingly abandoned houses in Massachusetts and New Hampshire. He and his co-conspirator then withdrew the funds and upon several instances wired some of the ransom payments to accounts located outside of the United States.
Between December 2012 and February 2013, Shushliannikov and his fellow hacker successfully laundered or intended to launder as much as $1 million from victims.
Shushliannikov was eventually caught when Hampton police spotted him attempting to go through a homeowner’s mailbox. After confirming his identity using U.S. Postal Inspection photos taken of a suspect involved in mail thefts around the Cape Cod area, the police arrested him and charged him with attempted theft by unauthorized taking in June of 2013.
Additional charges have been submitted as the full scope of Shushliannikov’s activities has gradually come into focus.
Reflecting his additional crimes, U.S. Senior District Judge Mark. L. Wolf sentenced Shushliannikov to three years in prison, three years of supervised release, and forfeiture of profits and equipment earlier this month.
The case was prosecuted by assistant U.S. Attorney Scott L. Garland of Ortiz’s Anti-Terrorism and National Security Unit.