Russian Man Sentenced in Ransomware Scheme
BOSTON – A Russian man was sentenced yesterday to three years in prison for laundering profits from a scheme in which computer hackers essentially took people’s computers “hostage” electronically until a ransom was paid.
Aleksei Shushliannikov, 23, was sentenced by U.S. Senior District Judge Mark L. Wolf to three years in prison, three years of supervised release, forfeiture of profits and equipment, and restitution. In November 2014, Shushliannikov pleaded guilty to one count of conspiracy to commit money laundering, one count of using a fictitious name and address in connection with the U.S. mail, and one count of identity fraud. He was charged in October 2013.
The scheme began with computer hackers who actually, or seemingly, took over victims’ computers with a virus. The hackers told the victims that they would restore the computers’ function if the victims bought a MoneyPak and sent the MoneyPak number to the hackers. Sometimes the hackers posed as the FBI, saying that the FBI was freezing the victims’ computers as part of a law enforcement action, and that the victims could avoid arrest by paying a criminal fine via MoneyPak. A MoneyPak is a product or service that allows a customer to load cash onto a prepaid debit card that is associated with a MoneyPak number; therefore, a MoneyPak number is almost equivalent to cash. With that number, the customer, or anyone else, can transfer funds from one prepaid debit card to another electronically and with relative ease and anonymity.
But the hackers faced a problem. If they transferred the ransom to physical debit cards, they risked being caught on videotape while withdrawing the ransom as cash at banks and ATMs. So they sold the ransomed MoneyPak numbers over the Internet.
Shushliannikov participated in the scheme from December 2012 until February 2013 when he was caught. The conspiracy bought the ransomed MoneyPak numbers and, in order to cash them with relative anonymity, opened prepaid debit cards using the identities of other, uninvolved people, whose names, dates of birth, and other information he had bought on the Internet. The conspiracy then had the debit cards mailed to mail drops that Shushliannikov employed throughout New England.
Shushliannikov was responsible for finding appropriate mail drops at unsuspecting homeowners’ mailboxes. To avoid discovery, Shushliannikov selected houses throughout Massachusetts and New Hampshire that looked unoccupied, especially those with a “for sale” sign out front. Shushliannikov collected the debit cards from these houses’ mailboxes and brought the cards to his co-conspirator who then loaded the cards with the ransom money. Shushliannikov and the conspiracy then withdrew the funds as cash. Shushliannikov also deposited the ransom in other people’s bank accounts, from which the funds were periodically wired to accounts outside the United States.
Shushliannikov was discovered while removing mail from another person's mailbox in New Hampshire. His GPS linked him to other mail drop addresses used in the scheme. His apartment contained 246 prepaid debit cards, $26,000 in cash, and a money-counting machine, all of which have been forfeited. In total, the conspiracy had opened about 1,100 prepaid debit cards and laundered or intended to launder between $400,000 and $1 million.
United States Attorney Carmen M. Ortiz; Shelly Binkowski, Inspector in Charge of the U.S. Postal Inspection Service; and Bruce M. Foucart, Special Agent in Charge of Homeland Security Investigations in Boston, made the announcement today. Assistance was also provided by the Hampton, New Hampshire Police Department. The case was prosecuted by Assistant U.S. Attorney Scott L. Garland of Ortiz’s Anti-Terrorism and National Security Unit.