Cybercrime

US Offering $2.5 Million Reward for Belarusian Malware Distributor

The US government is offering a $2.5 million reward for information leading to the arrest of malware distributor Volodymyr Kadariya.

The US government is offering a $2.5 million reward for information leading to the arrest of malware distributor Volodymyr Kadariya.

The US Department of State this week announced a $2.5 million reward for information leading to the arrest of a Belarusian national allegedly involved in the mass distribution of malware.

The individual, Volodymyr Kadariya, 38, a Belarussian and Ukrainian national, allegedly participated in a “significant malware organization” that distributed the Angler Exploit Kit and other malware to the computers of millions of victims, the State Department says.

Kadariya, also known as Vladimir Kadaria, Volodymyr Kadariya, and Andrii Kovalov, was indicted in June 2023 with wire fraud conspiracy, computer fraud conspiracy, and wire fraud, along with Maksim Silnikau, 38, a Belarussian and Ukrainian national, and Andrei Tarasov, 33, a Russian national.

Kadariya, the indictment alleges, was involved in Angler Exploit Kit’s distribution through malvertising and other means from October 2013 through March 2022. Angler was used for the distribution of other malware families, including ransomware.

“The malvertising campaigns were designed to appear legitimate, but often redirected victim internet users who viewed or accessed the advertisements to malicious sites and servers that sought to defraud the users or delivered malware to the users’ devices,” a notice on the Secret Service’s website reads.

One of the distribution methods allegedly employed by Kadariya and his co-conspirators, the Secret Service says, involved scareware ads, which displayed false messages claiming the victim’s device was infected with a virus or had another issue.

Advertisement. Scroll to continue reading.

The victim was then tricked into buying or downloading dangerous software (providing the threat actors with remote access to the device) or sharing personal or financial information.

To profit from their scheme, Kadariya and his co-conspirators allegedly sold access to the compromised devices on Russian cybercrime forums, and sold the banking and login information stolen from their victims.

Earlier this month, the US announced that Silnikau was extradited from Poland to the US, to face charges related to his involvement in the malware distribution scheme and in the development and distribution of the Ransom Cartel ransomware.

Related: Russian Member of Karakurt Cyber Extortion Gang Charged in US

Related: Justice Department Disrupts North Korean ‘Laptop Farm’ Operation

Related: Jury Convicts Seattle Woman in Massive Capital One Hack

Related: US Accuses Venezuelan Doctor of Creating and Selling Ransomware

Related Content

Malware & Threats

The threat actor is focused on collecting credentials, SSH keys, cryptocurrency wallets, and development tooling.

Government

UNC5792 and UNC4221 have been targeting US government officials, military leaders, and allied personnel.

Malware & Threats

Turla has been using the backdoor against government and military organizations in Ukraine for espionage.

Cybercrime

Hundreds of C&C servers were disrupted in an operation involving law enforcement and several cybersecurity companies.

Cybercrime

Nathan Austad has been ordered to pay roughly $1.8 million in forfeiture and restitution, and the sentence also includes 3 years of supervised release. 

Malware & Threats

Mistic is used by Woodgnat, an initial access broker working with Qilin, Interlock, Rhysida, Akira, 8Base, and Black Basta.

Cybercrime

26-year-old Abdellah Belmili faces up to 30 years in prison for allegedly operating the marketplaces Market0Day and Spoxy.

Cybercrime

Using a custom sniffer, the threat actor has captured over 110 million credentials since at least February 2026.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version