A Russian national has been sentenced to two years in a United States federal prison and ordered to pay $1.6 million for his role in a major ransomware and botnet operation. Ilya Angelov pleaded guilty to managing the Mario Kart botnet, which compromised dozens of American corporate networks and facilitated millions of dollars in extortion payments.

The sentencing occurred in a Detroit federal court where Judge Nancy Edmunds delivered the two-year term along with a $100,000 fine and a significant money judgment. Ilya Angelov, a resident of Tolyatti, Russia, admitted to overseeing a botnet—a vast network of malware-infected computers controlled remotely—to breach the security of numerous U.S. companies. This criminal infrastructure was active for approximately four years, spanning from 2017 to 2021, and served as a foundational tool for various cybercriminal activities.

The cybercriminal group Angelov co-managed was tracked by the FBI under the name Mario Kart, though private security researchers identified the same threat actor by several other aliases, including TA-551 and Gold Cabin. Rather than executing every attack themselves, the group frequently sold access to their infected network to other criminal organizations. These third-party groups then utilized that access to deploy ransomware, effectively turning the botnet into a gateway for high-stakes digital extortion.

Investigations revealed the massive scale of the damage caused by the network's illicit services. The FBI identified more than 70 companies within the United States that suffered ransomware infections linked directly to Angelov’s operation, resulting in total extortion payments exceeding $14 million. Furthermore, the botnet proved to be a lucrative asset on its own, with at least one other ransomware group paying over $1 million specifically to gain access to the compromised systems under Angelov’s control.

The successful prosecution was the result of a complex international effort led by the FBI Detroit Cyber Task Force. Assistance from Dutch and German authorities, along with the Department of Justice’s Office of International Affairs, was vital in tracking the illicit activity across borders. This cooperation highlights the increasing necessity of global partnerships in the fight against decentralized cybercrime and the technical challenges of attributing digital attacks to specific individuals.

FBI officials emphasized that the sentencing should serve as a warning to cyber criminals who believe that geographic distance or digital anonymity provides them with immunity. Special Agent in Charge Jennifer Runyan noted that the case reflects the bureau's commitment to dismantling the financial networks that exploit U.S. corporations. By holding Angelov accountable, law enforcement aims to disrupt the broader ecosystem of botnet operators and ransomware affiliates that continue to threaten global digital security.

Source: https://www.cbsnews.com/detroit/news/russian-national-ransomware-computer-botnet-scheme/