Estonian cybercriminal gets 5.5 years jail time, to pay $36M in restitution over role in ransomware attacks

FTC-lawsuit-Kochava-geolocation data

A federal court sentenced a Estonian cybercriminal named Maksim Berezan to serve 66 months or 5.5 years in prison for his involvement in multiple ransomware attacks that caused approximately $53 million in losses.

Additionally, the court ordered the Estonian cybercriminal to pay more than $36 million in restitution.

Details of the criminal case against the Estonian cybercriminal

In June 2020, the U.S. Department of Justice (DOJ) filed an indictment against Berezan, who was an active member of DirectConnection, a Russian forum website wherein cybercriminals meet and assist each other in planning and executing cybercrimes such as ransomware attacks.

The DOJ alleged that Berezan worked closely with Russian-speaking cybercriminals to expand their criminal goals including obtaining and exploiting stolen financial account information.

In November 2020, the Latvian police arrested Berezan based on information from U.S. authorities. The police found and seized over $200,000 in currency, $1.7 million in bitcoin, vehicles including a Porsche Carrera 911, a black Porsche Cayenne, a Ducati motorcycle, and jewelries from the Estonian cyber criminal during a search at his residence.