A Russian man has been extradited from the Netherlands to the US on suspicion of participating in a $70m money laundering conspiracy.
Denis Mihaqlovic Dubnikov, 29, appeared in a federal court in Portland yesterday ahead of a planned jury trial on October 4.
Along with multiple unnamed co-conspirators, he’s alleged to have helped to launder tens of millions of dollars extorted by threat actors using the infamous Ryuk ransomware.
Dubnikov is personally accused of laundering at least $400,000 in proceeds.
Widely believed to have been the product of the same threat actors behind the infamous Conti strain, Ryuk first appeared in August 2018.
According to the DoJ, it was used to target thousands of victims globally across multiple sectors, with law enforcement particularly concerned about the threat it posed to US healthcare providers.
In fact, data from November-December 2020 revealed that Ryuk and REvil were mainly responsible for a 45% surge in attacks on the healthcare sector, as hospitals battled the COVID-19 pandemic.
In January 2021, it was revealed that the group made at least $150m, according to an analysis of 61 cryptocurrency deposit addresses linked to Ryuk. However, the total is likely to be far higher. A separate analysis claims the Conti/Ryuk operation may have made as much as $2.7bn.
Dubnikov’s case was handled by the DoJ’s Ransomware and Digital Extortion Task Force, an initiative set up by the Biden administration following the Colonial Pipeline attack.
The task force aims to disrupt and prosecute ransomware activity by “tracking and dismantling the development and deployment of malware, identifying the cyber-criminals responsible, and holding those individuals accountable for their crimes.”
It has already had some success in tracking and returning some funds paid to ransomware actors by their victims.
In July, $500,000 was returned to several corporate victims of the Maui variant including two hospitals.
Dubnikov faces a maximum of 20 years behind bars if found guilty.