Russian initial access broker helped ransomware gangs extort millions, sentenced to 81 months

A Russian citizen, Aleksei Volkov, was sentenced to 81 months in prison for helping ransomware groups carry out attacks causing over $9 million in actual losses and over $24 million in intended losses, after being arrested in Italy and extradited to the United States where he pleaded guilty.

According to prosecutors, Volkov was an initial access broker who found vulnerabilities in computer networks, gained unauthorized access, and sold that access to other cybercriminals.

Volkov’s co-conspirators used the access he provided to deploy malware that encrypted victims’ data and disrupted their operations. They then demanded cryptocurrency payments, sometimes in the tens of millions of dollars, in exchange for restoring access and not releasing stolen data on leak sites.

Some victims paid, while others refused and had their data published. Volkov took a share of the payments.

In November 2025, Volkov pleaded guilty to charges including access device fraud, identity theft, conspiracy to commit computer fraud, and money laundering. He agreed to pay restitution to victims and forfeit equipment used in the crimes.

The ruling signals law enforcement focus on individuals who enable ransomware attacks, even without direct involvement.