The dark secrets of a jailed cyber-criminal | Global News Podcast
By BBC News
Key Concepts
- Zeus Malware: A sophisticated banking trojan used by the Jabber Zeus crew to hack into small and medium-sized businesses, redirecting funds from legitimate bank transactions to the criminals.
- Jabber Zeus Crew: A cybercrime group, active in the late 2000s, that utilized the Zeus malware. Their name is derived from the Zeus malware and their use of the Jabber messaging service for notifications.
- Vyacheslav Penchukov (Tank/DJ Slava Rich): A prominent Russian-speaking cybercriminal, formerly a leader of the Jabber Zeus crew and later involved in ransomware. He is currently serving an 18-year prison sentence.
- Ransomware: A type of malware that encrypts a victim's files and demands a ransom payment for their decryption.
- Maxim Yakubets: A Russian hacker and former collaborator of Penchukov, allegedly leading the "Evil Corp" cybercrime group. He has been sanctioned by the US government.
- Evil Corp: A major cybercrime group, allegedly led by Maxim Yakubets, responsible for stealing hundreds of millions of dollars through various schemes, including ransomware and hacking large companies.
- Herd Mentality in Cybercrime: The phenomenon where a successful high-profile cyberattack, particularly one involving a large ransom payment, can inspire other criminals to replicate the tactic, leading to a widespread shift in targeting.
- Universal Pathway to Cybercrime: The observation that the progression into cybercrime, regardless of geographical origin or language, often follows a similar pattern, starting from gaming and escalating to more serious criminal activities.
Exclusive Interview with a Cybercrime Kingpin: Vyacheslav Penchukov
This report details an exclusive interview with Vyacheslav Penchukov, also known as "Tank" and "DJ Slava Rich," a significant figure in the Russian-speaking cybercrime world. The interview, conducted by cyber correspondent Joe Tidy, offers a rare glimpse into the motivations, methods, and career trajectory of a high-level cybercriminal.
The Rise of the Jabber Zeus Crew and Zeus Malware
Penchukov was a leader of the "Jabber Zeus crew" in the late 2000s. This group specialized in using the Zeus malware, a sophisticated banking trojan.
- Mechanism of Zeus Malware: The malware was designed to hack into the computers of medium and small-sized businesses. When a victim attempted to conduct business banking, the malware would intercept the transaction, diverting funds to the criminals instead of the intended bank.
- The "Jabber Zeus" Name: The "Jabber Zeus" moniker originated from two key elements:
- The use of the Zeus malware, named after the Greek god.
- The adaptation of the malware to send notifications via the Jabber messaging service. A "ding" sound on the victim's computer signaled a successful breach.
Penchukov's Early Criminal Career and Personal Life
Penchukov's journey into cybercrime began at a young age, a path Tidy notes is common among hackers.
- Teenage Beginnings: Penchukov started as a teenager, initially engaging in fraudulent activities by setting up fake websites selling non-existent goods. He would then use stolen credit card details to purchase these fake products from himself, tricking credit card companies into processing the transactions as legitimate sales.
- Motivations: Penchukov stated his early motivations were a desire for "freedom" and "independence from our families." He used the illicit gains to purchase luxuries like beer, good clothes, and expensive shoes, even bragging about his wealth at school and owning six expensive German cars at one point.
- Dual Life: Alongside his criminal activities, Penchukov also pursued a career as a DJ under the name "DJ Slava Rich."
Evading Justice and a Return to Cybercrime
Penchukov's career was marked by a prolonged period of evading law enforcement.
- Initial Arrests and Escape: While most members of the Jabber Zeus crew were arrested, Penchukov managed to evade capture in the early 2010s. Law enforcement sources suggest he received a tip-off from Ukrainian authorities.
- Car Chase Escape: During a period of intense scrutiny from Ukrainian authorities, Penchukov reportedly used one of his expensive cars to escape police in a high-speed chase.
- Attempted "Straight" Life and Re-engagement: After evading capture, Penchukov claims he attempted to go "straight" by starting a coal-selling business. However, he alleges he was extorted by authorities, which led him back into cybercrime. This second phase of his criminal career involved more serious offenses, including ransomware.
Penchukov's Time in Prison and Perspective
Penchukov is currently serving an 18-year sentence, with two nine-year sentences served concurrently, in a low-security prison.
- Self-Improvement in Prison: Despite his incarceration, Penchukov has reportedly used his time to improve himself, enhancing his English language skills and maintaining physical fitness. This aspect is highlighted as particularly galling for his victims.
- Lack of Remorse: Penchukov appears to have a charming demeanor but exhibits a notable lack of remorse for his actions. He acknowledges his wrongdoing but disputes the severity as portrayed by US authorities.
- Victim Impact: The interview contrasts Penchukov's perspective with the devastating impact on his victims. An example cited is "Lieber's Luggage," a small business in Albuquerque, which lost $12,000, a sum crucial for rent and staff payments. The hack caused immense stress, particularly for the elderly woman managing the accounts, who blamed herself for the loss.
- Penchukov's Justification: When confronted with the victim impact, Penchukov's response was that "it's all on insurance," reflecting a belief that Western countries and companies can absorb such losses and that there are "no victims."
Involvement in Ransomware and the IcedID Gang
Penchukov was also involved in ransomware operations, notably as a leader of the IcedID gang around 2021.
- IcedID Operations: This gang controlled approximately 150,000 compromised computers globally. Members would divide these machines to identify those suitable for ransomware attacks or phishing campaigns.
- Denial of Hospital Attack: Penchukov vehemently denies targeting a medical center in Vermont, a claim made during his plea deal. He states he was unaware a hospital was hit and denies involvement, suggesting his guilty plea was part of a deal.
- Limited Remorse: The only instance where Penchukov expressed remorse was upon learning that his crew had taken money from a disabled children's charity.
The Parallel Career of Maxim Yakubets
The investigation also delves into Penchukov's former collaborator and friend, Maxim Yakubets.
- Shared Past: Both Penchukov and Yakubets were part of the Jabber Zeus crew in their early careers.
- Evil Corp Leadership: Yakubets is allegedly a leader of Evil Corp, considered one of the most significant and damaging cybercrime groups in history.
- Sanctions and Accusations: In 2019, Yakubets was sanctioned by US authorities for his alleged role in stealing hundreds of millions of dollars from companies worldwide through various schemes, including ransomware and hacking major entities like Garmin.
- Public Image: Authorities have publicly depicted Yakubets as an archetypal "playboy Russian hacker," even releasing images and videos of him performing stunts in a Lamborghini in Moscow.
- Impact of Sanctions: Penchukov noted that following the sanctions, both he and other cybercriminals distanced themselves from Yakubets, indicating the effectiveness of such measures.
The Investigation's Impact on Joe Tidy's Perspective
Joe Tidy's extensive investigation, including attempts to reach Yakubets in Russia and the successful interview with Penchukov, has significantly shaped his understanding of cybercrime.
- Bridging the Gap: Tidy aimed to hear the "side of the story" from alleged criminals, a perspective often missing in Western "naming and shaming" operations.
- Disconnect Between Hackers and Victims: The investigation highlighted a profound disconnect between the mindset of cybercriminals, who often view their actions as a conflict with "the West" with no real victims, and the tangible, devastating impact on individuals and businesses.
- Universal Pathway: The consistent observation of a similar pathway into cybercrime across different countries reinforces the idea of a universal progression into this field.
- Ecosystem Insights: Penchukov's insights into the cybercrime ecosystem were particularly valuable. He described how a successful, high-ransom payout from a hospital attack in the Russian-speaking community led to a "herd mentality," where ethical considerations were abandoned, and numerous hackers began targeting hospitals to replicate the success. This "herd mentality" is a critical insight into the rapid evolution and spread of cyber threats.
Conclusion
The interview with Vyacheslav Penchukov provides a rare and detailed look into the world of high-level cybercrime. It underscores the evolution of criminal tactics from banking trojans to sophisticated ransomware, the personal motivations driving individuals into this field, and the significant challenges faced by law enforcement in apprehending and prosecuting these criminals. The narrative also emphasizes the stark contrast between the criminals' often detached perspective and the profound human and financial toll their actions inflict on victims, while also shedding light on the internal dynamics and emergent behaviors within the global cybercrime ecosystem.