Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks

The Hacker News

Overview

Ilya Angelov, a 40-year-old Russian man, has been sentenced to two years in prison for his role in managing a botnet that facilitated ransomware attacks targeting U.S. companies. The botnet, associated with a cybercriminal group known as TA551, was used to deploy malicious software that locked users out of their systems until a ransom was paid. In addition to his prison sentence, Angelov was fined $100,000. This case underscores the ongoing challenges posed by international cybercrime, particularly how individuals can exploit technology to harm businesses and individuals across borders. The sentencing aims to deter similar cybercriminal activities and demonstrates law enforcement's commitment to addressing ransomware threats.

Key Takeaways

  • Affected Systems: U.S. companies affected by ransomware attacks from the TA551 botnet.
  • Action Required: Companies should enhance their cybersecurity measures, including regular data backups, employee training on phishing scams, and implementing robust security protocols to prevent ransomware infections.
  • Timeline: Ongoing since at least 2020

Original Article Summary

The U.S. Department of Justice (DoJ) said a Russian national has been sentenced to two years in prison for managing a botnet that was used to launch ransomware attacks against U.S. companies. Ilya Angelov, 40, of Tolyatti, Russia, was also fined $100,000. Angelov, who went by the online aliases "milan" and "okart," is said to have co-managed a Russia-based cybercriminal group known as TA551 (aka

Impact

U.S. companies affected by ransomware attacks from the TA551 botnet.

Exploitation Status

No active exploitation has been reported at this time. However, organizations should still apply patches promptly as proof-of-concept code may exist.

Timeline

Ongoing since at least 2020

Remediation

Companies should enhance their cybersecurity measures, including regular data backups, employee training on phishing scams, and implementing robust security protocols to prevent ransomware infections.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Ransomware, Exploit, Botnet.

Related Coverage

What public money does to open-source projects

Help Net Security

Open-source software plays a crucial role in the infrastructure of many companies, with about 96 percent of codebases incorporating it. This reliance became evident with high-profile vulnerabilities like the log4j flaw in December 2021, which affected a wide range of applications, from social media platforms to gaming software. More recently, the xz utils backdoor discovered in 2024 has further emphasized the security risks associated with open-source projects. These incidents raise concerns about the stability and security of software that many organizations depend on but do not financially support. As open-source projects often rely on volunteer contributions, the need for dedicated funding and resources to maintain and secure these projects is becoming increasingly critical.

Jul 16, 2026

Ransom demands are down, email is the top way attackers get in

Help Net Security

A recent survey of 2,158 IT and security leaders reveals that email, particularly through phishing attacks, is the primary method for cyber attackers to gain access to networks. In many cases, employees unknowingly open malicious emails and provide their login credentials, allowing attackers to infiltrate deeper into the system. This chain of events often leads to ransomware incidents, where files become inaccessible. Notably, while ransom demands have decreased, the reliance on email as an attack vector remains significant, accounting for half of all reported incidents. This trend emphasizes the need for organizations to bolster their email security and educate employees about the risks of phishing.

Jul 16, 2026

Companies keep getting breached by vulnerabilities they already knew about

Help Net Security

A recent survey by Vicarius reveals a troubling trend in cybersecurity: many companies are getting breached by vulnerabilities they were already aware of. Despite advanced scanning tools that help identify weaknesses across systems, organizations struggle with the subsequent steps of fixing these vulnerabilities. The survey included responses from 300 IT and cybersecurity leaders in the U.S. and the U.K., highlighting a significant gap in the process of assigning, approving, deploying, and confirming fixes. This issue raises concerns about the effectiveness of current cybersecurity strategies and the potential risks to sensitive data. Organizations need to address these gaps to better protect themselves from breaches that could have been prevented.

Jul 16, 2026

GPT-Red beat human red teamers on a prompt injection test

Help Net Security

OpenAI's GPT-Red, an automated red-teaming model, has outperformed human red teamers in testing for prompt injection vulnerabilities. The model operates similarly to a human attacker, sending prompts to a GPT model and analyzing the responses to identify weaknesses. Through a process called self-play reinforcement learning, GPT-Red learns alongside various defensive models to improve its effectiveness in finding and exploiting vulnerabilities. This development raises concerns about the capabilities of AI in cybersecurity, as it can potentially identify and exploit weaknesses faster than human teams can respond. As AI continues to advance, organizations may need to enhance their defenses against such automated threats.

Jul 16, 2026

Finance phishing works because it sounds boringly normal

Help Net Security

Phishing attacks targeting finance departments are becoming increasingly sophisticated and effective. According to research from Cofense, attackers are crafting phishing emails that mimic legitimate business communications, making them harder to detect. These emails often bypass advanced email security tools, such as AI-based secure email gateways, because they lack the typical urgency cues that would raise alarms. This tactic poses a significant risk to organizations in the financial sector, as employees might unknowingly engage with these deceptive messages, potentially leading to data breaches or financial loss. Companies need to enhance employee training and awareness to combat these subtle phishing efforts.

Jul 16, 2026

Dutch police bust investment fraud ring stealing over €100 million

BleepingComputer

Dutch police have arrested several individuals connected to an international investment fraud scheme that has reportedly defrauded over €100 million from tens of thousands of victims. The suspects are believed to have lured investors with promises of high returns, often targeting individuals through online platforms. This crackdown is part of a larger effort to combat financial fraud, which has been on the rise, particularly with the increase in online investment opportunities. The police are now investigating the full extent of the operation and are urging anyone who thinks they might have been a victim to come forward. The implications of this fraud ring are significant, as it not only affects individual investors but also undermines trust in legitimate investment practices.

Jul 15, 2026