Five Russians accused of being hackers have been arrested in a series of American-led raids over the last nine months – all of them grabbed while on vacation across Europe.
The arrests come at a moment when relations between Moscow and Washington are tense — at best — and where politicians are grappling with the allegations that Kremlin hackers intervened in the U.S. election in an effort to help President Trump.
According to Axios, the arrests also come as Russian security services struck a deal with the country’s cybercriminals that allow them to work as long as they also conduct state-ordered missions.
The five men have been identified as: Pyotr Levashov, 36; Evgeny Nikulin, 29; Alexander Vinnik, 38; Stanislav Lisov, 31; and Yury Martyshev, 35. They were all grabbed outside of their homeland, which has no extradition agreement with the United States.
“There is a big hunt underway,” said Andrei Soldatov, an expert on the Russian security services and co-author of “Red Web,” a book about Russian attempts to control the internet. He said the recent burst of arrests made it look like the U.S. was “trying to understand what’s going on with a very complicated world of Russian hacking and a very complicated relationship between Russian hackers and Russian secret services.”
But Soldatov didn’t rule out another possible explanation: The imprisoned Russians may be falsely tying their arrests to Trump’s election in a bid to sow confusion and politicize their cases.
“It’s a very big question,” he said.
Several of the men have suggested their arrests are linked to the election turmoil, however no firm evidence has been found backing the claim.
Jim Lewis, of the Center for Strategic and International Relations, told Axios that the arrests are intended as a message by the U.S. that Russia’s increasingly intelligent cyberwarfare cannot be carious out with impunity.
He said the investigation began around 2014 as the U.S. began to look into who was responsible for a wave of cyberattacks.
Robert Morgus, a cyber specialist at the New America Foundation, told Axios that investigators concluded the cyberattacks were carried out largely by private hackers coordinated through Russia’s security services.
Easily the best known of the five, Levashov, is accused by U.S. prosecutors of being “one of the world’s most notorious criminal spammers.” He is fighting extradition after police raided his AirBNB apartment he was sharing with his family in Barcelona in April. Law enforcement have linked Levashov, via his alias “Peter Severa,” to a series of powerful networks of hijacked computers carrying names like Storme, Waldec and Kelihos.
Alan Ralsky, an American bulk email baron once dubbed the “King of Spam,” previously worked with Levashov. He described the Russian as a master of his trade.
“He made me look like an amateur,” he said in a recent interview. “He got to every mailbox there ever was.”
Nikulin, 29, was arrested in a restaurant in Prague in October, accused of hacking into LinkedIn and Dropbox around the time that tens of millions of users there were compromised.
Lisov, 31, the alleged developer of the NeverQuest financial data-stealing software, was detained at Barcelona’s airport during his honeymoon in January.
Martyshev, 35, accused of helping run a service that let cybercriminals test-drive their malicious software, was recently extradited to the U.S. after being pulled off a train at the Russia-Latvia border in April.
Vinnik, 38, was arrested at his hotel in Greece on charges of running a money laundering ring for hackers that processed billions of dollars in digital currency.
The Associated Press contributed to this report.