February 26, 2019

A Russian court has handed down lengthy prison terms for two men convicted on treason charges for allegedly sharing information about Russian cybercriminals with U.S. law enforcement officials. The men — a former Russian cyber intelligence official and an executive at Russian security firm Kaspersky Lab — were reportedly prosecuted for their part in an investigation into Pavel Vrublevsky, a convicted cybercriminal who ran one of the world’s biggest spam networks and was a major focus of my 2014 book, Spam Nation.

Sergei Mikhailov, formerly deputy chief of Russia’s top anti-cybercrime unit, was sentenced today to 22 years in prison. The court also levied a 14-year sentence against Ruslan Stoyanov, a senior employee at Kaspersky Lab. Both men maintained their innocence throughout the trial.

Following their dramatic arrests in 2016, many news media outlets reported that the men were suspected of having tipped off American intelligence officials about those responsible for Russian hacking activities tied to the 2016 U.S. presidential election.

That’s because two others arrested for treason at the same time — Mikhailov subordinates Georgi Fomchenkov and Dmitry Dokuchaev — were reported by Russian media to have helped the FBI investigate Russian servers linked to the 2016 hacking of the Democratic National Committee. The case against Fomchenkov and Dokuchaev has not yet gone to trial.

What exactly was revealed during the trial of Mikhailov and Stoyanov is not clear, as the details surrounding it were classified. But according to information first reported by KrebsOnSecurity in January 2017, the most likely explanation for their prosecution stemmed from a long-running grudge held by Pavel Vrublevsky, a Russian businessman who ran a payment firm called ChronoPay and for years paid most of the world’s top spammers and virus writers to pump malware and hundreds of billions of junk emails into U.S. inboxes.

In 2013, Vrublevsky was convicted of hiring his most-trusted spammer and malware writer to launch a crippling distributed denial-of-service (DDoS) attack against one of his company’s chief competitors.

Prior to Vrublevsky’s conviction, massive amounts of files and emails were taken from Vrublevsky’s company and shared with this author. Those included spreadsheets chock full of bank account details tied to some of the world’s most active cybercriminals, and to a vast network of shell corporations created by Vrublevsky and his co-workers to help launder the proceeds from their various online pharmacy, spam and fake antivirus operations.

In a telephone interview with this author in 2011, Vrublevsky said he was convinced that Mikhailov was taking information gathered by Russian government cybercrime investigators and feeding it to U.S. law enforcement and intelligence agencies. Vrublevsky told me then that if ever he could prove for certain Mikhailov was involved in leaking incriminating data on ChronoPay, he would have someone “tear him a new asshole.”

An email that Vrublevsky wrote to a ChronoPay employee in 2010 eerily presages the arrests of Mikhailov and Stoyanov, voicing Vrublevsky’s suspicion that the two were closely involved in leaking ChronoPay emails and documents that were seized by Mikhailov’s own division. A copy of that email is shown in Russian in the screen shot below. A translated version of the message text is available here (PDF).

A copy of an email Vrublevsky sent to a ChronoPay co-worker about his suspicions that Mikhailov and Stoyanov were leaking government secrets.

Predictably, Vrublevsky has taken to gloating on Facebook about today’s prison sentences, calling them “good news.” He told the Associated Press that Mikhailov had abused his position at the FSB to go after Internet entrepreneurs like him and “turn them into cybercriminals,” thus “whipping up cyber hysteria around the world.”

This is a rather rich quote, as Vrublevsky was already a well-known and established cybercriminal long before Mikhailov came into his life. Also, I would not put it past Vrublevsky to have somehow greased the wheels of this prosecution.

As I noted in Spam Nation, emails leaked from ChronoPay suggest that Vrublevsky funneled as much as $1 million to corrupt Russian political leaders for the purpose of initiating a criminal investigation into Igor Gusev, a former co-founder of ChronoPay who went on to create a pharmacy spam operation that closely rivaled Vrublevsky’s own pharmacy spam operation — Rx Promotion.

Vrublevsky crowing on Facebook about the sentencing of Mikhailov (left) and Stoyanov.


58 thoughts on “Former Russian Cybersecurity Chief Sentenced to 22 Years in Prison”

  1. Dennis

    What a fun time awaits them — going to Russian prison. All I can see is that Putin’s people are pissed to have their US election plans go awry and having totally backfired on them. 20 years is a harsh sentence!

    1. JCitizen

      Seems like this news makes a liar out of Putin, what with all his denials they weren’t meddling in the US elections and all. So then he arrests two people for —- exposing the meddling? Doh!

      It would have been smarter to leave them alone – most people don’t believe the Russians had an ounce of influence on US elections anyway – now probably they do!

      1. treFunny

        I have never seen any evidence showing it swayed the election in any substantial amount…

        Please share anything that shows anyone was swayed or anything these troll farms did other than give the Democrats a crutch to fall on (instead of blaming themselves) for running a terrible campaign with a cost greater than 1 BILLION DOLLARS….

        It’s all an excuse. They never thought she could lose. She did, now you have that “oh so scary” orange man.

        1. JCitizen

          I totally agree with you and the subsequent comments of this thread. When you look at the millions of dollars spent in political advertising and still people are not swayed – you know those ridiculous FAKE news items did even make a bump.

      2. Ivotedtrump

        Yes, I admit it, I voted for Trump because of the Russians???! How stupid do people think the American People are? Give it up please!!!

        1. Exactly

          I think enough people voted for Trump just because of the dislike towards Hillary!

          All these people against Trump for Russia, must have forgotten who sold Russia all that damn Uranium!!!!!

  2. Columbus_viaLA

    One Deep State colluding with another in order to shut down dangerous dissidents from either or both. Looks like a nothing burger to me.

    1. Schlong Naughton

      Did their job really entail sharing personal information of .ru citizens with foreign governments?

      1. Anon404

        Sharing info about worthless cybercriminals with law enforcement is everyone’s job.

  3. The Sunshine State

    Spammer: A person or persons who has the morals and integrity lower than pond scum

  4. James Schumaker

    Here’s another point of view that fills in some blanks: “Zenz thinks the entire case is a manifestation of infighting between different units of the FSB, and between the FSB and the Russian military intelligence unit, the GRU. Stoyanov himself has cast the prosecution as payback, because he’d been stirring up trouble by criticizing the FSB’s practice of granting effective immunity to hackers willing to do some espionage on the side.” https://www.thedailybeast.com/kremlin-accused-her-of-being-a-us-spy-she-offered-to-go-to-moscow?source=facebook&via=desktop&fbclid=IwAR0_V4rNw2tB6n-PNKkKckKKCZZ2GrcQOdctYqOnWe9ydG8cUXEWtNuw4Q8

  5. Fossi Bare

    The world of moral security experts share criminal behavior, this is part of how spam filters work, threat collections, correlating attacks and how observing malicious traffic. This is how we as a world make our world more secure and allow businesses to function and people from losing their savings and credit.

    Instead of being recognized as moral people, they are going to serve hard time. The precedent set is that we can no longer trust Russian security companies to do the right thing because they will be prosecuted and imprisoned.

    Many people, organizations, and companies share information to stop or help prevent malicious activity from spreading. By sharing this information about malicious activities which may come from within, they may now be held accountable as traitors or criminals.

    I understand, perhaps, why the US government has some already rethinking their Kaspersky purchases or removing it altogether worrying about their close ties to the Kremlin.

    This is very unfortunate, a very good product but in a communist environment. Some very good people but in a communist environment. Well, the good news for Russia is the Republik of Kalifornia is sending out mind-numbed agents of chaos and Leftism to infiltrate the rest of the USA. Unfortunately, we cannot purge them as of yet. If our great president does not manage to get re-elected, our only hope will remain in President Duterte…and why not?? We elected a Muslim Pharaoh for president from another continent…

    1. redguru

      Please don’t publish your political views. This is not the correct forum for that material.

    2. Panoplia Theos

      Those were actually really interesting thoughts you had up until that last paragraph. That escalated quickly…

      1. SeymourB

        People can try to keep their demons in check but they will eventually come out and expose themselves. When they do it in person usually they’re put in contact with mental health professionals in short order but on the internet, there’s really no way of connecting them. And so their untreated mental health problems continue to grow worse.

        There’s another site I’m on where a guy has literally carried on a conversation with himself going back years about a topic nobody but him particularly cares about, so we all just kind of ignore him and he ignores us. Whenever somebody new unwittingly comments in his topic he completely ignores them, whether they support his view or not. Nobody knows anything about him because he never reveals anything outside the scope of the topic, yet there he is, day after day, week after week, month after month, carrying on a conversation with himself. It’s sad.

  6. Readership1

    “Russian hacking activities tied to the 2016 U.S. presidential election.” Citation required.

    1. Anon404

      https://www.cnn.com/2016/12/12/politics/russian-hack-donald-trump-2016-election/index.html
      https://www.cnn.com/2016/12/26/us/2016-presidential-campaign-hacking-fast-facts/index.html
      https://en.wikipedia.org/wiki/Russian_interference_in_the_2016_United_States_elections
      https://www.theguardian.com/us-news/2016/dec/16/qa-russian-hackers-vladimir-putin-donald-trump-us-presidential-election
      https://www.bbc.com/news/world-us-canada-44825345
      https://www.wired.com/story/did-russia-affect-the-2016-election-its-now-undeniable/
      https://www.nytimes.com/interactive/2018/07/13/us/politics/how-russia-hacked-the-2016-presidential-election.html
      https://www.forbes.com/sites/haroldstark/2017/01/24/how-russia-hacked-the-election/

      That’s a very VERY small sample, or do you need more?

      1. Readership1

        Every one of those “sources” traces back to Google-funded Crowdstrike, Facebook and Twitter (each of whom supported the unsuccessful candidate), anonymous sources, or Deep State bureaucrats (of red and blue stripes).

        Show me an independent source.

        I requested a citation because I have yet to read evidence from a trusted source, including KOS, with direct or secondhand knowledge of 2016 election meddling by Russia, the country, or at the direction of its leadership.

        Frankly, I’m surprised that KOS’ extensive network of sources in Eastern Europe has not provided sufficient evidence of 2016 election meddling by Russia for BK to write a unique, convincing piece about it.

        And really, you’re going to cite rags like cnn and nytimes? Why not pravda and wapo, while you’re at it?

  7. Readership1

    I wish our government dealt with traitors like the Russians deal with theirs. Deep State bureaucrats with an inflated sense of entitlement and righteousness deserve to spend long periods in prison.

    1. Scott

      No you don’t…or if you do then you are totally ignorant, or at best oblivious, to the atrocities of the Russian “justice” system.

      I’d rather some bad people get away with their crimes sometimes, than have a system like Russia’s where GOOD people (not specifically talking this case) can be tried and sentenced for “crimes against the state.” You do NOT want that system.
      Our system (I’ll assume you’re US, but applies to any FREE society) has its flaws, but it is still much better than that.

      1. Erik

        +1

        My wife grew up in the USSR, and believe me, anyone with an ounce of sense would infinitely prefer even our very screwed up justice system to theirs.

        1. Mike

          “I wish our government dealt with traitors like the Russians deal with theirs. Deep State bureaucrats with an inflated sense of entitlement and righteousness deserve to spend long periods in prison.”

          He is talking about TRAITORS within bureaucrats! Not their entire justice system.

          People in power within the USA do get off way too easy and it would be much more respected by the people if those in power were held to a higher standard instead of high-paid lawyers that get those in power off with slaps on the wrist!!!!

    2. JimV

      Better yet, put all the derp-state trolls (like yourself) into a prison cell, and then permanently disable the locking mechanism so the door can’t be opened.

      1. blah

        You’re a douche. STFU until you figure out that others are not bad because they do not think like you. So much for critical thinking skills.

    3. SkunkWerks

      I dunno.

      I kinda wish our government dealt with traitors in the way that best befits our government, and paid little if any attention to what other governments are doing with their traitors- cause frankly- they ain’t us.

      America First?

  8. Mahhn

    Count on lots of honest business to take this as one more kick in the pants to get out of Russia. Kaspersky is likely to wash his hands of his government once and for all.
    This may be just another blow to integrity of judicial systems, but it’s another big win for the giant criminal elements in the world, as they know they can do anything and have no repercussions.

  9. Panoplia Theos

    I guess Russia really is Putin people in jail, huh? Sorry, I had to… I’ll see myself out.

  10. Jerry Lundy

    Wow, Brian. You seem to have hit a nerve with the faux-American pro-Russian troll farms.

    1. JimV

      …and some of those Russian trolls take being outed and then publicly castigated for their trollish behavior quite personally…

  11. jakebanzai

    The bots and mindless talking point trolls of both Fox and CNN seemed to have found their way to this particular post. Oh well, either way, Brian’s site gets the hits.

      1. spineless troll #222

        There are four genders – inie, outtie, neither, both.

    1. Mindless Talking Point Troll #223

      Mitochondria is the powerhouse of the cell.

  12. vb

    A Russian friend once told me that there are only two forms of government in Russia: “Rich criminals control the government” and “Rich criminals are the government”.

  13. SkunkWerks

    So:

    “These accusations of Election interference are RIDICULOUS!”

    Somehow coexists with:

    “Also, please stop doxxing our people doing the interfering to foreign intelligence, or we’ll send y’all to jail.”

    Nifty.

    Must be hard to live in multiple conflicting realities at the same time.

  14. Rebecca

    Hey Brian, only one comment on Pavel’s Facebook page and that is someone linking this story. Clearly they fear you, admire you or both!

  15. Jon

    The more I learn about Russia and China, the more grateful I am that we won the Cold War.

    1. Steve

      We did win the Cold War. Now, sadly, we must fight to win the next round.

  16. Hayton

    It’s been quite a while since your old friend Pavel featured in a story. It’s almost like old times. Pavel is having a fun time on FB and elsewhere, basically saying “I told you so” and “Serve them right”. You’ve seen the post he put on LiveJournal? It’s quite funny, and he has a go at Kimberley Zenz – especially her exploits as Captain of the Elephant Polo team 🙂

    “Out of all websites on Earth last one I expected to have FAQ was a CIA website. CIA website promptly explained me that Langley in fact is in McLean village.

    So Miss Zenz, who vehemently denied she worked for CIA, coincidentally, just as her father, actually lived in the same village where the CIA is located. Considering how big the CIA is and how small McLean is, I would except her to be one of very few villagers not employed by the CIA, and the only one with an elephant.”

    You get noticed too Brian – well, sort of. He’s very sniffy about “Pharma Wars” 🙂
    https://pavelvrublevsky.livejournal.com/454.html

    And then there’s this (there are 2 earlier articles). The translation is ponderous, but it gives some useful detail.
    https://rusletter.com/articles/sergey_mikhailov_and_ruslan_stoyanov_sold_state_secret_for_36_years

    1. Hayton

      Vikings (starting to chant) : ” Spam spam spam spam…”
