U.S. v. Andrey Turchin

The indictment charges TURCHIN with conspiracy to commit computer hacking, two counts of computer fraud and abuse (hacking), conspiracy to commit wire fraud, and access device fraud.  TURCHIN and his accomplices perpetrated an ambitious hacking enterprise broadly targeting hundreds of victims across six continents.  TURCHIN employed a collection of hacking techniques and malicious software (malware) to gain and maintain access to victim networks.  For instance, he often used specially designed code to scan the Internet for open Remote Desktop Protocol (RDP) ports and conduct brute-force attacks to initially compromise victim networks.  Once inside the victim’s system, he moved laterally throughout the network and deployed additional malicious code to locate and steal administrative credentials and establish persistent access.  The conspirators often modified antivirus software settings to allow malware to continue to run undetected.  TURCHIN and his co-conspirators then marketed and sold the network access on various underground forums commonly frequented by hackers and cybercriminals, such as Exploit.in, fuckav.ru, Club2Card, Altenen, Blackhacker, Omerta, Sniff3r, and L33t, among others.  As has been publicly reported, the “fxmsp” group has been linked to numerous high-profile data breaches, ransomware attacks, and other cyber intrusions.