A Russian citizen was sentenced today for his participation in a criminal enterprise that installed and exploited malicious computer software (malware) on tens of thousands of computer servers throughout the world to generate millions of dollars in fraudulent payments. Acting Assistant Attorney General Kenneth A. Blanco of the Department of Justice’s Criminal Division, Acting U.S. Attorney Gregory G. Brooker of the District of Minnesota and Special Agent in Charge Richard T. Thornton of the FBI's Minneapolis Field Office made the announcement.

“The defendant and his co-conspirators sought to turn a network of thousands of infected computers in the United States and around the world into their personal cash machines,” said Acting Assistant Attorney General Blanco. “But cybercriminals like Mr. Senakh should take heed: they are not immune from U.S. prosecution just because they operate from afar or behind a veil of technology. We have the ability and the determination to identify them, find them, and bring them to justice.”

“Working within a massive criminal enterprise, Maxim Senakh helped create a sophisticated infrastructure that victimized thousands of Internet users across the world,” said Acting U.S. Attorney Brooker. “As society becomes more reliant on computers, cybercriminals like Senakh pose a serious threat. This Office, along with our law enforcement partners, are committed to detecting and prosecuting cybercriminals no matter where they reside.”

“The sentence handed down today sends a strong message to international cyber criminals who mistakenly believe they can prey on the American people with impunity,” said Special Agent in Charge Thornton. “The FBI is committed to working closely with our global law enforcement partners to investigate criminal enterprises such as this and hold those responsible to account for their crimes wherever they may be.”

Maxim Senakh, 41, of Veliky Novgorod, Russia, was sentenced to 46 months in prison and will be deported following his release from prison. Senakh pleaded guilty on March 28, to conspiracy to commit wire fraud and to violate the Computer Fraud and Abuse Act. He was indicted on Jan. 13, 2015, and was subsequently arrested by Finnish authorities, who extradited him to the U.S. in February 2016.

According to admissions made in connection with the plea agreement, the malware, which is known as Ebury, harvested log-on credentials from infected computer servers, allowing Senakh and his co-conspirators to create and operate a botnet comprising tens of thousands of infected servers throughout the world, including thousands in the U.S. Senakh and his co-conspirators used the Ebury botnet to generate and redirect internet traffic in furtherance of various click-fraud and spam e-mail schemes, which fraudulently generated millions of dollars in revenue. As part of his plea, Senakh admitted that he supported the criminal enterprise by creating accounts with domain registrars that helped develop the Ebury botnet infrastructure and personally profited from traffic generated by the Ebury botnet.

The FBI Minneapolis Field Office investigated this case. Senior Counsels Aaron Cooper and Benjamin Fitzpatrick of the Criminal Division’s Computer Crime and Intellectual Property Section and former Assistant U.S. Attorney Kevin Ueland of the District of Minnesota prosecuted the case. The government of Finland, the Bundeskriminalamt (BKA), CERT-Bund and the cyber security firm ESET all provided substantial assistance in this case. The Criminal Division’s Office of International Affairs also provided substantial assistance.