Alleged Russian Cryptocurrency Money Launderer Extradited from the Netherlands to the United States
For Immediate Release
U.S. Attorney's Office, District of Oregon
PORTLAND, Ore.—An alleged cryptocurrency money launderer was extradited this week from the Netherlands to the United States to face charges in the District of Oregon.
In August 2021, a federal grand jury in Portland charged Denis Mihaqlovic Dubnikov, 29, a Russian citizen, for his role in an international cryptocurrency money laundering conspiracy.
According to the indictment, between at least August 2018 and August 2021, Dubnikov and his co-conspirators are alleged to have knowingly and intentionally laundered the proceeds of ransomware attacks on individuals and organizations throughout the United States and abroad. Specifically, Dubnikov and his accomplices laundered ransom payments extracted from victims of Ryuk ransomware attacks.
After receiving ransom payments, Ryuk actors, Dubnikov and his co-conspirators, and others involved in the scheme engaged in various financial transactions, including international financial transactions, to conceal the nature, source, location, ownership, and control of the ransom proceeds.
In July 2019, Dubnikov laundered more than $400,000 in Ryuk ransom proceeds. Those involved in the conspiracy laundered at least $70 million in ransom proceeds.
On November 2, 2021, Dubnikov was arrested in Amsterdam pursuant to a provisional arrest warrant.
Dubnikov made his initial appearance in federal court in the District of Oregon today before U.S. Magistrate Judge Jolie A. Russo. He was arraigned and pleaded not guilty. A five-day jury trial is scheduled to begin on October 4, 2022.
If convicted, Dubnikov faces a maximum sentence of 20 years in federal prison, three years’ supervised release, and a fine of $500,000.
First identified in August 2018, Ryuk is a type of ransomware software that, when executed on a computer or network, encrypts files and attempts to delete any system backups. Of note, Ryuk can target storage drives contained within or physically connected to a computer, including those accessible remotely via a network connection. Ryuk has been used to target thousands of victims worldwide across a variety of sectors. In October 2020, law enforcement officials specifically identified Ryuk as an imminent and increasing cybercrime threat to hospitals and healthcare providers in the United States.
This case was investigated by the FBI. It is being prosecuted by the U.S. Attorney’s Office for the District of Oregon.
Dubnikov’s extradition was handled by the Justice Department’s Office of International Affairs. He was transferred to the District of Oregon by the FBI.
Justice Department components who worked on this seizure coordinated their efforts through the department’s Ransomware and Digital Extortion Task Force, which was created to combat the growing number of ransomware and digital extortion attacks.
The Task Force prioritizes the disruption, investigation, and prosecution of ransomware and digital extortion activity by tracking and dismantling the development and deployment of malware, identifying the cybercriminals responsible, and holding those individuals accountable for their crimes. The Task Force also strategically targets the ransomware criminal ecosystem as a whole and collaborates with domestic and foreign government agencies as well as private sector partners to combat this significant criminal threat.
An indictment is only an accusation of a crime. The defendant is presumed innocent unless and until proven guilty beyond a reasonable doubt in a court of law.
Updated April 19, 2023