Cybercrime activity. PHOTO: Cybercrime Magazine.

Hack Blotter, Vol. 3, No. 4: Cybercriminal Arrests And Convictions

The convergence of cybersecurity and law enforcement

Steve Morgan, Editor-in-Chief

Sausalito, Calif. – Jan. 6, 2020

2019 was a busy year for law enforcement experts working to crack down on cybercrime. It was also a busy year for judges and prosecutors, as they worked to achieve justice in an area of law rife with international politics and extradition requests. It was also a year of victories for the justice system, as we saw several notorious cybercriminals sentenced for their conduct.

Read on to learn about the biggest arrests, convictions, and criminal sentences in cybercrime during the last quarter of 2019.


Dec. 24. Kerem Albayrak, a cybercriminal from North London, was sentenced to a two-year suspended jail term, 300 hours of unpaid work and a six-month electronic curfew in the UK for trying to extort Apple after claiming that he had access to 319 million iCloud accounts.

Dec. 23. Police in Nepal have detained 122 Chinese men and women in its biggest crackdown on crime by foreigners entering the country on tourist visas. The Chinese are suspected of cyber crime and hacking into bank cash machines. They are being held in different police stations and their passports and laptops had been seized.

Dec. 23. Greece’s top administrative court has suspended a decision to extradite Alexander Vinnik, accused of being the mastermind of a $4 billion bitcoin laundering ring, until it hears an appeal.

Dec. 21. Three members of an international organized cybercrime group that was behind the multi-million dollar GozNym malware attack on U.S. businesses and financial institutions have been sentenced to prison.

Dec. 21. Pakistan’s Federal Investigation Agency claimed to have arrested a man allegedly involved in cybercrimes. The suspect, according to an FIA spokesperson, was involved in stealing records of different banks, causing financial losses to customers of the banks.

Dec. 20. Greece agreed to extradite Alexander Vinnik, a Russian citizen accused of cryptocurrency-related charges in several countries, to France.

Dec. 20. Scott Burns has been sentenced to ten months in prison for carrying out cyberattacks against the airline Jet2.

Dec. 20. The U.S. justice department indicted Zhu Hua and Zhang Shilong, two Chinese men accused of hacking into the computer networks of companies and government agencies in Western countries.

Dec. 19. Nathan Wyatt, an alleged member of the hacking collective that claimed responsibility for the theft of files from British insurance firms, appeared in U.S. federal court after his extradition from the UK.

Dec. 17. The Moscow City Court upheld a 13-year prison sentence given to Ukrainian citizen Yury Lysenko for cybertheft of one billion rubles from Russian banks.

Dec. 13. Three men were arrested in connection with a cryptocurrency mining scheme that defrauded investors of $722 million. Matthew Brent Goettsche, 37, and Jobadiah Sinclair Weeks, 38, are charged by indictment with conspiracy to commit wire fraud. Goettsche, Weeks, and Joseph Frank Abel, 49, are charged by indictment with conspiracy to offer and sell unregistered securities.

Dec. 11. Policia Nacional of Spain carried out a successful operation in encrypted chat groups involving child pornography. The investigation, begun in 2017, has led to search and arrest actions in Spain, Italy and France. Europol supported the investigation with analytical support, secure exchange of information and coordination between Spain and the target countries within Europe through the Joint Cybercrime Action Taskforce. The Joint Cybercrime Action Taskforce is a group of specialist international cyber investigators.

Dec. 9. Two Romanian hackers, Bogdan Nicolescu and Radu Miclaus, were sentenced to 20 years and 18 years in prison. The sentencing came after the pair were convicted of conspiracy to commit wire fraud, conspiracy to traffic in counterfeit service marks, aggravated identity theft, conspiracy to commit money laundering and 12 counts each of wire fraud.

Dec. 5. U.S. authorities filed charges against two Russian nationals alleged to be running a global cybercrime organization named Evil Corp. The indictment named Maksim Yakubets and Igor Turashev as figures in a group that used malware to steal millions of dollars in more than 40 countries.

Dec. 3. Nigeria’s Economic and Financial Crimes division arrested 23 suspected students learning the internet scam known as ‘yahoo-yahoo.’ The suspects, between the ages of 19 and 35, confessed that they were undergoing training in various aspects of cybercrime such as love scams, online trading scams and identity theft.

Dec. 2. Europol announced that an international law enforcement crackdown against the use and distribution of the Imminent Monitor Remote Access Trojan (IM-RAT) has resulted in the arrest of 13 cybercriminals and the seizure of a large number of computers and IT equipment.


Nov. 29. U.S. law enforcement arrested 36-year-old Virgil Griffith based on allegations that he traveled to North Korea earlier this year to provide them technical assistance in evading U.S. sanctions. Griffith allegedly offered a presentation that was designed to show North Korea’s government how to beat U.S. sanctions using cryptocurrency and blockchain technology.

Nov. 29. Nine people were arrested in raids across the UK after police took down a website that enabled hackers to watch people through their webcams. The international police operation saw people charged with voyeurism, fraud, and theft.

Nov. 29. In a coordinated international law enforcement operation, Europol shut down the global organized cybercrime network behind Imminent Monitor RAT, yet another hacking tool that allows cybercriminals to gain complete control over a victim’s computer remotely.

Nov. 25. A former member of a hacker group called the “Chuckling Squad,” which has claimed responsibility for taking over notable social media profiles, including that of Twitter CEO Jack Dorsey, was arrested.

Nov. 25. Three Nigerian cyber fraudsters, Isiah Nduka Alozie, Michael Chwuebuka and Njoku Chinedu, were sentenced to various jail terms in Enugu. So far, fifteen fraudsters have been convicted and sentenced between November 20 and 25 by Justice I.N Buba of Enugu’s Federal High Court.

Nov. 22. Accused Russian hacker Aleksei Burkov pleaded not guilty to allegations that he operated two hacking forums where members bought and sold payment data worth roughly $20 million.

Nov. 21. A U.S. judge handed down a 48-month prison sentence to Russian national Stanislav Lisov for his role in deploying NeverQuest malware.

Nov. 19. An Illinois man, Sergiy Petrovich Usatyuk, was sentenced to 13 months in prison and ordered to forfeit $542,925 for operating a service that charged subscription fees to hackers who launched millions of cyberattacks from 2015 to 2017.

Nov. 18. Police made 12 arrests in an investigation into a suspect subscription TV channel and video on demand operation with some 20,000 customers in Spain and abroad. Police reported the arrests were the result of the Cybercrime Central Unit’s active patrol of social media which detected a Facebook page with 1,700 followers offering the services illegally.

Nov. 15. U.S. authorities arrested Eric Meiggs and Declan Harrington, both from Massachusetts, charging them with stealing $550,000 in cryptocurrency from at least 10 victims using SIM swapping.

Nov. 13. The U.S. Justice Department indicted Aleksei Yurievich Burkov on five counts related to his alleged role from 2009 to 2013 running an online criminal marketplace, known as CardPlanet, that sold stolen credit card numbers.

Nov. 12. Canada’s National Division Cybercrime Investigative Team laid charges against John Paul Revesz from Toronto for allegedly operating an international malware scheme under the company name “Orcus Technologies.” Revesz was charged under Section 342.1 of the Criminal Code for Unauthorized use of Computer.

Nov. 6. Nathan Wyatt, alleged to have used the handle “The Dark Overlord” online, is accused of conspiracy, aggravated identity theft and three counts of threatening to damage a computer. He will be extradited from the U.K. to the U.S. to face these charges, after London’s High Court rejected his appeal against an extradition order.

Nov. 2. Twelve people — eight Kenyans, three Rwandan nationals, and one Ugandan — have been arrested in Rwanda for attempting to hack into Equity Bank Rwanda’s clients’ accounts. They were arrested as they planned to commit the crime, according to the Rwanda Investigative Bureau.


Oct. 30. Police in the Mongolian capital of Ulaanbaatar apprehended 800 Chinese citizens and confiscated hundreds of computers and mobile phone SIM cards as part of an investigation into a cybercrime ring.

Oct. 30. Brandon Charles Glover of Winter Springs, Florida, and Vasile Mereacre of Toronto, Canada, each pleaded guilty to one charge of conspiracy to commit extortion involving computers. They will be sentenced in March.

Oct. 29. An Australian man was arrested over alleged distributed denial of service attacks against two businesses. The 34-year-old was arrested following a cybercrime investigation by detectives from Victoria Police and the Australian Federal Police.

Oct. 24. Texas man Oriyomi Sadiq Aloba was sentenced to over 12 years in prison after being found guilty of hacking into the computer system of the Los Angeles Superior Court and then using it to send two million phishing emails.

Oct. 24. Spanish police have arrested three people over a long-running series of business email compromise scams suspected of costing victims $11.9 million. The three arrested suspects, together with another yet to be arrested suspect, allegedly defrauded 12 companies across 10 countries.

Oct. 18. Police from Germany, France, and Holland conducted raids on multiple data centers in a “crackdown” on an illegal hosting site., the largest file hosting site in Germany, was taken down in raids led by the Cybercrime Nordrhein-Westfalen (ZAC NRW) division. No arrests have been made thus far.

Oct. 16. Law enforcement officials from the United States, Britain and South Korea announced that they had arrested hundreds of people worldwide after knocking out a South Korea-based dark web child pornography site. Called Welcome To Video, the website relied on bitcoin cryptocurrency to sell access to 250,000 videos depicting child sexual abuse, including footage of young children being raped.

Oct. 15. Argentinian police briefly detained and raided the home of well-known security researcher Javier Smaldone on suspicion of hacking and leaking data from government systems. Following his release, Smaldone obtained and published court documents pertaining to his arrest on Twitter.

Oct. 11. Two Scottish teenagers were arrested over claims they hacked into the Metropolitan Police’s website and posted a series of bizarre messages.

Oct. 11. Defense and prosecution attorneys are asking for a delay in the trial of alleged Capital One hacker Paige A. Thompson, citing the overwhelming amount of digital evidence in the case and the ongoing forensics investigation. Prosecutors also expect to file additional charges.

Oct. 9. A Pakistani woman, identified as Sidra Kaleem, was arrested on cybercrime charges.

Oct. 9. A Quebec court ruled that Nana Kofi Opoku Koranteng, a Montreal man accused of launching a cyberattack against Bell Canada, is not allowed to use a computer with internet access, unless it is for work, while his case is pending resolution.

Oct. 8. The Royal Canadian Mounted Police arrested and charged two Montrealers for their alleged involvement in a 2018 cyberattack against Bell Canada. Nana Koranteng and Jesiah Russell-Francis are charged with unauthorized use of a computer, fraud over $5,000, conspiracy to commit fraud, laundering proceeds of crime, identity theft, and identity fraud.

Oct. 3. Ohio resident James Robinson was sentenced to six years behind bars for hacking the city of Akron and Akron Police Department websites in 2017. He was also ordered to pay more than $650,000 in restitution.

Oct. 2. Detectives in Bomet, Kenya have arrested 26-year-old Peter Cheruiyot, who allegedly hacked into Equity Bank accounts and stole more than Sh400,000. He is being questioned over cybercrime cases that have been on the rise in the county.

Oct. 1. German federal police arrested Matjaž Škorjanc, a Slovenian coder wanted by the U.S. on charges of cybercrime. Škorjanc is charged with involvement in a criminal racket that hacked into computers to steal credit card numbers and other data.

Hack Blotter Archives

Steve Morgan is founder and Editor-in-Chief at Cybersecurity Ventures.

Go here to read all of my blogs and articles covering cybersecurity. Go here to send me story tips, feedback and suggestions.