Russian Hacker Sentenced to 81 Months for Yanluowang Ransomware Role

A court in the Southern District of Indiana sentenced Aleksei Volkov, a 26-year-old Russian citizen from St. Petersburg, to 81 months in federal prison for his role funneling criminal ransomware groups into corporate networks across the United States, including companies in Indiana.

According to court documents, Volkov was an "initial access broker," a person who specializes in gaining unauthorized access to computer networks and systems of corporations and organizations and selling that access to other cyber threat actors such as ransomware operators. Operating under the alias "chubaka.kor" between July 2021 and November 2022, Volkov facilitated dozens of ransomware attacks throughout the United States, causing over $9 million in actual losses and over $24 million in intended losses.

Prosecutors identified seven specific U.S. businesses targeted during the 16-month period, including an engineering firm and a bank. Two victims paid a combined $1.5 million in ransom payments. Among the groups Volkov supplied was the Yanluowang ransomware operation, whose affiliates encrypted victims' data and sent ransom demands ranging from $300,000 to $15 million. Infosecurity Magazine reported that the group's victims included Cisco and Walmart.

Volkov's co-conspirators used the access he provided to infect computer networks with malware that encrypted victims' data and prevented them from accessing it, damaging their business operations. The conspirators then demanded that victims pay a ransom in cryptocurrency, sometimes in the tens of millions of dollars, in exchange for restoring access and promising not to publicly disclose the hack or release stolen data on a "leak" website. Victims also reported receiving harassing phone calls and experiencing distributed denial-of-service attacks after their data was stolen, representing an evolution in how ransomware operators apply pressure to targets. When victims refused to pay, conspirators published stolen data on leak websites designed to shame companies.

Volkov was indicted in both the Southern District of Indiana and the Eastern District of Pennsylvania before police in Rome, Italy, arrested him and he was extradited to the United States. He was arrested in Rome in 2024 and extradited in 2025. The Justice Department's Office of International Affairs worked with the Government of Italy to secure the arrest and extradition.

On November 25, 2025, Volkov pleaded guilty to four counts from the Southern District of Indiana indictment: unlawful transfer of a means of identification, trafficking in access information, access device fraud, and aggravated identity theft; as well as two counts from the Eastern District of Pennsylvania indictment, conspiracy to commit computer fraud and conspiracy to commit money laundering, after the two cases were consolidated in the Southern District of Indiana.

Volkov was sentenced to 81 months in prison after initially facing a maximum sentence of 53 years. As part of his sentence, Volkov must pay full restitution to victims, including at least $9.1 million to identified companies, and forfeit equipment used in his criminal activities.

The prosecution team included Senior Counsel Matthew A. Lamberti of the Criminal Division's Computer Crime and Intellectual Property Section, Assistant U.S. Attorney for the District of Connecticut Edward Chang on detail to that section, Assistant U.S. Attorneys MaryAnn T. Mindrum and Matthew B. Miller for the Southern District of Indiana, and Assistant U.S. Attorney Sarah Wolfe for the Eastern District of Pennsylvania. The FBI's Indianapolis and Philadelphia field offices investigated the case, with assistance from international law enforcement partners.