Russian Alexander Vinnik, jailed last year for money laundering, begins an appeal at a Paris court Tuesday, as prosecutors challenge his acquittal on charges that he masterminded massive ransomware attacks.
While a lower court in December sentenced him to five years in jail for money laundering, it acquitted Vinnik, 41, of 13 out of 14 charges of cyber piracy.
During his trial the prosecution described Vinnik as a “pioneer” of cyber attacks and the mastermind of the Locky ransomware attacks.
He was accused of sending emails masquerading as invoices with attached documents, which when opened activated malware that shut down his targets’ computers and encrypted their contents.
A message would appear on the hacked computer with instructions to pay a ransom in the online currency bitcoin to regain control of the machine.
Around 5,700 people fell victim to the scam around the world between 2016 and 2018, paying an estimated total of 135 million euros ($163 million) in 2018.
Vinnik was cleared of these charges, but convicted of money laundering proceeds from the Locky malware, and ordered to pay a fine of 100,000 euros.
Vinnik had always denied any connection with the Locky malware, claiming he had been “an ordinary freelance operator” for the BTC-e platform which received the extorted sums.
Frederic Belot, a lawyer for Vinnik, said his client was “worried” but eager for the appeal to “shed light on his innocence”.
His arrest at the northern Greek tourist resort of Halkidiki set off a three-way extradition tussle between the United States, France and Russia.
US investigators suspect Vinnik of being the mastermind of what they say has become one of the main ways cybercriminals launder their illegal gains.
A US indictment accuses Vinnik of 21 charges ranging from identity theft and facilitating drug trafficking to money laundering.
Related: Greece to Extradite Russian Bitcoin Suspect to France
Related: N.Zealand Freezes Assets of Alleged Russian Cyber Criminal
