He is 38 years old, his name is Maksim Silnikau —although he is also known as Maksym Silnikov— and he was one of the most wanted cybercriminals on the planet since he took his first steps in 2011. Throughout his career he has developed malware —malicious computer programs— that he and others have used to scam 500 million victims worldwide, according to estimates by the National Crime Agency (NCA) of the United Kingdom, which has classified him as “head of prolific cybercrime groups.” After a long international investigation, he was located and arrested by the Civil Guard in July last year in Estepona (Málaga, 74,493 inhabitants) in an operation that did not come to light at the time. However, while his extradition to the United States, which wanted him for numerous crimes, was being processed, the National Court released him provisionally, considering that there was no risk of flight. Oscar Lopez-Fonseca reportsSilnikau took advantage of his release from prison to escape.

His trail went missing until he was detected trying to cross the border between Poland and Belarus, his country of origin. There he was arrested again and, this time, on August 9 he was handed over to the authorities in Washington to answer the charges against him in courts in the districts of New Jersey and Virginia. His case recalls the escape of Karim Bouyakhrichan, considered one of the main bosses of the Mocro Maffia, who was arrested in Marbella in January and fled shortly after being released on bail following a lack of coordination between judicial bodies.

To Silnikau, also known by the aliases of JP Morgan, xxx and lanskyis accused of being the creator and administrator of Ransom Cartel —a malware which mainly attacks companies—as well as the distribution of malicious software such as CryptXXX or Cryptowall, among many others. Also from Reveton, a ransomware which impersonates the FBI in order to demand a ransom from the victim after denying them access to their files. Its operation is simple: after blocking access to Windows on the infected device, whether it was a computer, tablet or mobile phone, the virus displayed a supposed FBI notification on the screen. It indicated that child pornography and copyrighted materials had been detected on the computer, and demanded payment so that the user would not be reported.

The scam became a goldmine for Silnikau, raking in up to $34 million (€30.8 million) a year. “As well as causing significant financial and reputational damage, his scams caused victims severe levels of stress and anxiety,” said Paul Foster, head of the National Cybercrime Unit and deputy director of the NCA, in a statement.

Silnikau and his collaborators – two of them, the Belarusian Vladimir Kadariya, 38 years old and the Russian Andrei Tarasov, 33, have also been arrested in the operation – are described as pioneers in the development of cybercrime. The Civil Guard believes that the computer tools developed by this group have allowed the popularization of cybercrime and its enormous growth worldwide. The armed institute highlights that these programs have allowed “people without advanced technical knowledge” to launch attacks of ransomware effective in exchange for payment. The three were dedicated to “attacking millions of unsuspecting Internet users in the United States and around the world,” added FBI Deputy Director Paul Abbate in a statement.

TO JP Morganin particular, is considered the creator of Angler, a “scan kit” used by cybercriminals to distribute all kinds of malware. malwarefrom ransomware and banking Trojans to advertising frauds, which are capable of infecting a computer without the user having to click on any link. Angler is one of the most widely used systems by criminals worldwide and for this reason Silnikau is held responsible for the scams resulting from its use.

In the operation, baptized Seacatch-Weighhousein addition to the Civil Guard, the British NCA and the FBI (specifically, its Kansas City office), the United States Secret Service, the Security Service of Ukraine, the Singapore Police Force, the Judicial Police of Portugal and the Central Office against Cybercrime of Poland participated. The NCA highlights that the searches obtained “key evidence” for the investigations, including more than 50 terabytes of data, which are being analyzed and with which it is hoped to extend the investigation to more cybercriminals linked to the network. When Silnikau was arrested on July 18, 2023 in the apartment of a luxury development in Estepona, the agents located a high-end BMW car and a Bentley in his garage, a car brand whose cheapest model exceeds 200,000 euros.