The DirectConnection forum was—until its dissolution in 2015—a hub of cybercrime in Russia. One of its key members, Estonian Maksim Berezan (aka “Albanec“), was arrested in Latvia at the end of 2020 and subsequently extradited to the United States.
He had been identified as a specialist in cashouts, a technique whereby stolen payment cards are used to make purchases or withdraw money that are then transferred for laundering.
Following his extradition, analysis of his computer equipment also revealed his involvement in at least 13 ransomware attacks, seven of which were against U.S. victims, and that approximately $11 million in ransom payments flowed into cryptocurrency wallets that he controlled.
The investigation also proved that Maksim Berezan used the “unlimited” cashouts technique, which involves hacking into a bank or payment card processor and using cloned payment cards at cash machines around the world to fraudulently withdraw millions of dollars in just a few hours.
Charged with “conspiracy to commit wire fraud,” Maksim Berezan pleaded guilty in April 2021. At the end of March 2022, the U.S. justice system sentenced him to 66 months in prison and ordered him to pay $36 million in restitution to his victims.