US Prisons Russian Access Broker for Aiding Ransomware Attacks

The US Justice Department announced this week that Russian national Aleksei Volkov has been sentenced to 81 months in prison for his role in ransomware attacks. 

Volkov, 26, has been accused of taking part in Yanluowang ransomware attacks that caused more than $9 million in losses — the cybercriminals attempted to extort $24 million in ransom from targeted organizations, the DOJ said.

The man served as an initial access broker for the operation, gaining access to the targeted organizations’ systems and then handing over that access to other members of the operation, who specialized in malware deployment and data theft.

Following his indictment, Volkov was arrested by Italian police in Rome and later extradited to the US to stand trial.

The hacker pleaded guilty in November 2025, admitting that he and his co-conspirators hacked into company networks, stole data, deployed ransomware, and demanded a ransom payment. 

In addition to the prison sentence, the Russian national has agreed to pay more than $9 million in restitution to victims. 

The Yanluowang ransomware group was active in 2021 and 2022. It made headlines in late 2021 for targeting financial corporations and other types of organizations in the United States. 

One of the cybercrime gang’s most notable attacks was against Cisco. Information shared by the networking giant in mid-2022 attributed the attack to an initial access broker with ties to the Russia-linked threat actor UNC2447 and to Lapsus$.

Related: Russian Ransomware Operator Pleads Guilty in US

Related: Dutch Port Hacker Sentenced to Prison

Related: 3 Men Charged With Conspiring to Smuggle US Artificial Intelligence to China