Who doesn’t fancy earning US $2.5 million?
That’s the reward that’s on offer from the US Department and State and Secret Service for information leading to the arrest and/or conviction of a Belarusian man who allegedly was a key figure behind the development and distribution of the notorious Angler Exploit Kit.
38-year-old Vladimir Kadariya is charged with a range of cybercrime offences which saw millions of internet users defrauded through malvertising and other means since at least October 2013.
The malvertising campaigns were designed to appear legitimate but often redirected victim Internet users who viewed or accessed the advertisements to malicious sites and servers that sought to defraud the users or deliver malware to the users’ devices. The Angler Exploit Kit was a leading vehicle through which malware was delivered onto compromised electronic devices.
Kadariya, who it is claimed used online aliases including “Stalin,” “Eseb,” and “baxus,” was indicted in June 2023, but the indictment was only unsealed this month when he was identified as a co-conspirator of alleged ransomware kingpin Maksim Silnikau (also known as “J P Morgan”).
Over the years, the Angler Exploit Kit has been used to infect many millions of computer users with malware, often spread via poisoned ads on all manner of websites – varying from some of the world’s most-visited adult websites, celebrity gossip sites TMZ and Perez Hilton, and even an article in The Guardian asking (ironically enough) whether cybercrime is out of control.
Kadariya is also suspected of having assisted in the delivery of “scareware” attacks, where internet users are tricked into believing that their computers were infected with malware or had other problems that required urgent action. Unsuspecting victims would be tricked into purchasing or downloading malicious software, granting malicious hackers remote access to their PCs, or disclosing personal information.
Victims of such attacks would be monetised in various ways – for instance, banking information and login credentials would be stolen from users and sold to fraudsters via cybercrime forums, and compromised PCs would be recruited into botnets that could be exploited further.
Kadariya’s whereabouts are currently unknown.
Anyone who is interested in applying for a share of the $2.5 million reward would be wise to contact the US Secret Service with information that could lead to Kadariya’s apprehension.
Alternatively, people who are located outside of the United States are invited to contact their nearest US embassy or consulate.
Editor’s Note: The opinions expressed in this and other guest author articles are solely those of the contributor and do not necessarily reflect those of Tripwire.