Arrest

Vyacheslav Igorevich Penchukov, also known as Tank and one of the leaders of the notorious JabberZeus cybercrime gang, was arrested in Geneva last month.

The Swiss Federal Office of Justice (FOJ) said Penchukov was arrested last month and is waiting to be extradited to the United States, although he can still appeal FOJ's decision.

"By order of the Federal Office of Justice (FOJ) and based on an extradition request from the USA, a Ukrainian national was arrested in the Canton of Geneva on 23 October 2022 and detained pending extradition," Swiss prosecutors told BleepingComputer.

"The US authorities accuse the prosecuted person of extortion, bank fraud, and identity theft, among other things. During the hearing on 24 October 2022, the person did not consent to his extradition to the USA via a simplified proceeding.

"After completion of the formal extradition procedure, the FOJ has decided to grant his extradition to the USA on 15 November 2022. The decision of the FOJ may be appealed at the Swiss Criminal Federal Court, respectively at the Swiss Supreme Court."

Cybersecurity journalist Brian Krebs first reported that Penchukov was arrested while traveling to Geneva to meet with his wife.

JABBERZEUS wanted poster
JABBERZEUS wanted poster (FBI)

From stealing bank accounts to ransomware

The U.S. Department of Justice first charged Penchukov in 2012, accusing him of being involved in a conspiracy to steal millions of dollars using bank account numbers, passwords, personal identification numbers, and other sensitive info stolen using the notorious Zeus malware.

Multiple sources previously told BleepingComputer that Penchukov was also one of the managers of the Maze and Egregor ransomware operations.

Maze ransomware popularized double-extortion attacks, where the threat actors also stole data and used it as further leverage to pressure victims into paying a ransom. Maze later rebranded to the Egregor and Sekhmet operations to evade law enforcement. 

BleepingComputer was also told that he was among the suspects arrested in January 2021 by Ukrainian police following an international law enforcement operation targeting Egregor ransomware gang members.

However, according to Krebs' report, he was able to evade prosecution with the help of his political connections, including the late son of former Ukrainian President Viktor Yanukovych.

As one of JabberZeus cybercrime ring's leaders, Penchukov managed the stolen banking credentials and the money mules who wired money from the victims' accounts into those controlled by the cybercriminals.

Together with eight other suspects, he was charged with conspiring to participate in "racketeering activity, conspiracy to commit computer fraud and identity theft, aggravated identity theft, and multiple counts of bank fraud."

Two of his co-conspirators, Ukrainian nationals Yevhen Kulibaba and Yuriy Konovalenko, pleaded guilty in November 2014 after being extradited from the UK and were sentenced to two years and ten months of incarceration in May 2015.

Related Articles:

Ukraine arrests hackers trying to sell 100 million stolen accounts

Zeus, IcedID malware gangs leader pleads guilty, faces 40 years in prison

Interpol operation Synergia takes down 1,300 servers used for cybercrime

Hacker arrested for selling bank accounts of US, Canadian users

$700 cybercrime software turns Raspberry Pi into an evasive fraud tool