Securityaffairs

Russian national convicted for running botnet used in attacks on U.S. firms

2 min read
Share X / Twitter LinkedIn Reddit WhatsApp


Russian national convicted for running botnet used in attacks on U.S. firms

Pierluigi Paganini
March 25, 2026

A Russian hacker got 2 years in prison, $100K fine, and $1.6M judgment for running a botnet used in ransomware attacks on U.S. firms.

Russian national Ilya Angelov (40) was sentenced to 24 months in prison for operating a botnet used to carry out ransomware attacks on dozens of U.S. companies. He was also fined $100,000, and a $1.6 million money judgment was imposed. The case was announced by U.S. prosecutors and the FBI’s Detroit Field Division.

Between 2017 and 2021, Ilya Angelov co-managed a Russia-based cybercrime group known as TA551 (or Mario Kart), using aliases like “milan” and “okart.” The group built a botnet by spreading malware through spam email attachments. They then sold access to infected computers to other criminals, who used them to launch ransomware attacks, locking victims out of systems and demanding cryptocurrency payments to restore access.

“The FBI has identified over 70 U.S. corporations that were infected with ransomware by one organization linked to Angelov’s group, resulting in over $14 million in extortion payments.” reads the press release published by DoJ. “Another group that distributed ransomware paid Angelov’s group over a million dollars for access to the Mario Kart botnet.”

The attacks aimed to resell access to infected systems to other criminals for ransomware. From 2018 to 2019, TA551 gave the BitPaymer ransomware group access to its botnet, helping infect 72 U.S. companies and generate over $14.17 million in extortion payments.

Another cybercriminal group also paid over $1 million for access to the Mario Kart botnet.

“May this sentencing serve as a strong message to cyber criminals who believe they can hide behind screens and false identities: you cannot escape the FBI’s reach. You will be held accountable,” said Special Agent in Charge Jennifer Runyan of the FBI Detroit Field Office. “This successful investigation reflects the FBI’s ongoing commitment to identifying, tracking, and dismantling the criminal networks that financially exploit individuals and U.S. corporations. I would like to thank the FBI Detroit Cyber Task Force for their exceptional work in this investigation and to the U.S. Attorney’s Office for ensuring justice was achieved.”

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, botnet)





Source link

Share X / Twitter LinkedIn Reddit WhatsApp

Related Articles

All Securityaffairs →