Evgeniy Doroshenko, also known as Eugene Doroshenko and FlankerWWH, has been indicted by the United States District Court for the District of New Jersey on charges of wire fraud and computer fraud. As an access broker, Doroshenko allegedly obtained unauthorized access to computer networks and sold this access to other cybercriminals through Russian-language cybercrime forums on the dark web. This indictment highlights the growing threat of cybercrime facilitated by online forums where hackers can buy and sell illicit access and information.
Doroshenko’s activities included unlawfully acquiring access credentials to victim networks, including those of Victim-1, a company headquartered in Bergen County, New Jersey. He then used these credentials to gain unauthorized access to their computer systems and offered this access for sale on Cybercrime Forum-1. This scheme, which ran from at least February 25, 2019, until the indictment date, was designed to profit from the vulnerabilities of victim organizations by enabling further cybercrimes like data exfiltration and ransomware attacks.
On January 11, 2024, Doroshenko, operating from Russia, connected remotely to Victim-1’s network in New Jersey, exemplifying the cross-border nature of such cybercrimes. His actions not only compromised the security of Victim-1 but also posed significant risks to other potential targets whose access credentials were traded in these forums. This case underscores the importance of robust cybersecurity measures and international cooperation in combating cybercrime.
The indictment of Doroshenko serves as a warning to cybercriminals worldwide. Law enforcement agencies are increasingly capable of tracking and prosecuting those who exploit digital vulnerabilities. The U.S. government continues to enhance its efforts to secure cyberspace and hold perpetrators accountable, ensuring that such fraudulent activities are met with appropriate legal consequences.
