Skip to Content

US indicts Russians alleged to be at center of major cybercrime network

By Sean Lyngaas, CNN

(CNN) — The US Justice Department on Tuesday announced the indictment of three Russians who prosecutors say were at the center of a major cybercrime network that allegedly helped hackers target hospitals, schools and banks across the US, causing $62 million in damages.

The indictment targets one of the more brazen services provided by and for cybercriminals: so-called “bulletproof hosting” services, which lease internet infrastructure to hackers and claim to offer safe haven from law enforcement.

US prosecutors accused two Russian men, Aleksandr Volosovik and Kirill Zatolokin, of operating a bulletproof-hosting provider from a corporate office in St. Petersburg, Russia’s second largest city. A Russian woman, Yulia Pankova, is also charged in the criminal conspiracy. The charges include conspiracy to commit wire fraud and money laundering.

The Russia-based company, Media Land, has supported numerous criminal groups who have claimed dozens of victims, the Justice Department alleged. The company was incorporated in 2015, according to Russian business records, and is based in a semi-industrial part of St. Petersburg. The State Department is now offering up to $10 million for information on the company and its executives as the US government investigation into Media Land continues.

CNN has requested comment from an email address associated with Media Land.

US and European law enforcement have tracked Volosovik, Zatolokin and Pankova for years. When the US Treasury Department sanctioned them last year, it released a photo of Zatolokin holding a weapon and wearing a Media Land t-shirt.

“To this day, they are likely still shielding criminal activity,” Brett Leatherman, assistant director of the FBI’s cyber division, told CNN, referring to Media Land.

The FBI will be watching to see if the crackdown on Media Land leads cybercriminals to seek out other bulletproof hosting services, Leatherman said.

“We’re looking for that now — to understand where those shifts may be and what opportunities are available to us in law enforcement and in the intelligence community to target those,” he added.

Michael DeBolt, president and chief intelligence officer at security firm Intel471, described bulletproof hosting providers as “fuel to the cybercrime underground.”

“Whether its deploying malware, hosting illicit marketplaces, launching ransomware or safeguarding stolen digital goods, Media Land’s impact should be measured by the years of criminal activity it has supported, enabled and sustained,” DeBolt told CNN.

The FBI, Secret Service and other law enforcement agencies have for years conducted operations to disrupt ransomware gangs, which extract hundreds of millions in ransoms annually from victims. While some officials in the Biden administration floated the idea of banning ransom payments, the idea was ultimately shelved because of the adverse impacts it might have on certain victims.

With Russia continuing to harbor the hackers, FBI agents are trying to chip away at the problem by targeting the ransomware groups’ computing tools, some of which are based outside of Russia.

The law enforcement operations have produced results: millions of dollars in cryptocurrency seized and prolific hackers arrested and extradited. But by other measures, the problem is getting more brazen and concerning. To augment their hacking, a Russian-speaking crime group has been hiring people to show up to major US law firms and plug-in USB sticks, CNN reported last month.

CNN has requested comment from the Russian embassy in Washington, DC.

Tuesday’s indictment is one of a raft of Western law enforcement and intelligence actions related to Russian criminal or state-sponsored hacking in the last week. The British government and European Union on Monday accused the Russian FSB intelligence service of trying to hack the Polish power grid last year in an attack that could have cut power for half a million people. For its part, Dutch intelligence accused Russian state-backed hackers of “systematically” breaching video cameras in Europe to surveil military transport routes and weapon deliveries to Ukraine.

Leatherman, the FBI official, said the US government continues to regularly warn about the Russian state-backed hacking because, after an initial lull following Russia’s full-scale invasion of Ukraine in 2022, “we have seen, probably over the last year or so, an uptick in [Russian cyber] targeting of the United States.”

CNN’s Darya Tarasova contributed reporting.

The-CNN-Wire
™ & © 2026 Cable News Network, Inc., a Warner Bros. Discovery Company. All rights reserved.

Article Topic Follows: CNN - US Politics

Jump to comments ↓

Author Profile Photo

CNN Newsource

BE PART OF THE CONVERSATION

KVIA ABC 7 is committed to providing a forum for civil and constructive conversation.

Please keep your comments respectful and relevant. You can review our Community Guidelines by clicking here

If you would like to share a story idea, please submit it here.