Russian cybercriminal Ilya Angelov, known online as ‘Milan’ and ‘Okart’, has been sentenced to two years in federal prison for his role in the administration of a botnet used to facilitate ransomware attacks, the DOJ announced on Tuesday.
According to the DOJ, Angelov was part of a threat group tracked by the FBI as Mario Kart, and by the cybersecurity community as TA-551, Shathak, Gold Cabin, Monster Libra, G0127, and ATK236.
The charges against Angelov stem from activities he engaged in between 2017 and 2021, during which his cybercrime group built a botnet by distributing malware via spam email attachments.
They monetized the compromised machines by selling access for deploying ransomware.
TA-551 was known to distribute malware such as Emotet, IcedID, Qbot, and Ursnif.
The DOJ has mentioned ransomware attacks facilitated by the botnet against more than 70 US corporations, with the cybercriminals earning $14 million in ransom payments.
Court documents show Angelov has been in custody since 2023 and has pleaded guilty to his role in the cybercrime operation.
In addition to the 24-month prison sentence, he received a $100,000 fine and a $1.6 million money judgment, allowing the government to seize assets tied to his criminal proceeds.
Angelov’s sentencing comes shortly after the DOJ announced that another Russian national, Aleksei Volkov, has been sentenced to 81 months in prison for his role in ransomware attacks.
Related: Russian Ransomware Operator Pleads Guilty in US
Related: Russian APT Exploits Zimbra Vulnerability Against Ukraine
