The FBI is searching for a Russian hacker accused of targeting multiple North Texas companies with ransomware attacks.
A federal arrest warrant has been issued for 31-year-old Aleksandr Ryzhenkov for charges of conspiracy to commit fraud and related activity in connection with computers, intentional damage to a protected computer, transmitting a demand in relation to damaging a protected computer, and conspiracy to commit money laundering.
The Justice Department unsealed Ryzhenkov’s indictment on Tuesday. According to the document, Ryzhenkov gained unauthorized access to information stored on victims’ computer networks as early as June 2017. Ryzhenkov, along with fellow conspirators, used ransomware known as BitPaymer to encrypt the company’s files, making them inaccessible.
After making the files inaccessible, Ryzhenkov would leave an electronic ransom note, demanding the companies contact the hackers and begin ransom negotiations. If they did not pay the ransom, Ryzhenkov said he would publish their sensitive information online.
Two of the targeted companies are headquartered in Dallas, one in Lewisville, one in Orange, Texas, and one in Indiana with a data center in Dallas. It is not clear why the specific companies were targeted.
Ryzhenkov is believed to have demanded millions of dollars in ransom from the companies he targeted.
“Ransomware attacks – particularly those deployed by bad actors with ties to Russia – can paralyze a company in the time it takes to open a laptop. Whether or not the ransom is paid, recovering from a ransomware attack is generally costly and time-consuming,” said U.S. Attorney Leigha Simonton for the Northern District of Texas in a press release.
Ryzhenkov is believed to be in Russia currently, possibly in Moscow.
He is known to be a close associate of Makism Yakubets, a notorious Russian cyber-criminal who is also on the FBI’s most wanted list.
In July, The Dallas Express sat down with James Beeson, executive cyber advisor of DFW-based Cloud Communications Group.
Beeson told DX, “The threat landscape is getting worse. It is bad. There are billions of dollars in the threat landscape. A lot of this comes from four big players: China, North Korea, Iran, and Russia. Those big four is where a huge percentage of the activity is coming from.”
October marks National Cybersecurity Awareness Month.
Since 2004, October has been recognized as a month to enhance cybersecurity awareness, encourage the public to reduce online risk and start a conversation surrounding cyber threats.
In 2023, the Cybersecurity and Infrastructure Security Agency launched a cybersecurity awareness program, Secure Our World. The program educates adults and children on how to keep private information secure and prevent a cybersecurity attack.
