Connect with us

Hi, what are you looking for?



DoJ: Estonian Man Tried to Acquire US-Made Hacking Tools for Russia

Andrey Shevlyakov was charged in the US for helping the Russian government and military purchase US-made electronics and hacking tools.

An Estonian national has been charged in the United States for purchasing US-made electronics and computer hacking tools on behalf of the Russian government and military.

The man, Andrey Shevlyakov, was arrested in Estonia on March 28. He was charged in the US on 18 counts of conspiracy and other charges.

According to the indictment, Shevlyakov did business through several Estonian-based shell companies that he and his co-conspirators used to export microelectronics from the US to Estonia. The goods were then shipped to Russia, thus circumventing export regulations.

Since 2012, the indictment says, Shevlyakov was placed by the US government on a ban list for procuring and delivering export-restricted items to Russia. To evade the list’s restrictions, he used false names and shell companies to order items and pay for them.

Purchased items included integrated circuits, low-noise pre-scalers, resistors, synthesizers, analog-to-digital converters that are found in defense systems, including avionics, electronic warfare systems, missiles, and software-defined radio.

According to the indictment, email communication between Shevlyakov and a Russia-based individual has revealed that Shevlyakov also attempted to acquire a licensed copy of Metasploit Pro, a US-made penetration testing tool that cannot be purchased from Russia directly.

The Russian individual said they had previously failed to acquire the hacking tool through other entities outside of Russia. A few days later, Shevlyakov allegedly responded with a list of prices for various versions of Metasploit Pro. 

Advertisement. Scroll to continue reading.

Metasploit is a highly popular hacking tool that has often been abused by malicious actors. The software has a free version and a Pro version, which costs roughly $15,000.

Between 2012 and 2022, Shevlyakov exported at least $800,000 worth of US electronics, the indictment says.

The goods were delivered via an “intricate logistics operation involving frequent smuggling trips across the Russian border”, the US Department of Justice says.

If convicted, Shevlyakov faces up to 20 years in prison.

Related: US Sanctions Several Entities Aiding Russia’s Cyber Operations

Related: Russian Admits in US Court to Laundering Money for Ryuk Ransomware Gang

Related: US, UK Slap Sanctions on Trickbot Cybercrime Gang

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...