Angler Exploit Kit Architect Wanted: U.S. Puts $2.5M Bounty on Belarusian Cybercriminal
The U.S. Department of State has announced a hefty $2.5 million reward for information leading to the arrest or conviction of Volodymyr Kadariya, a Belarusian national accused of masterminding a massive cybercrime operation that infected millions of computers worldwide.
Kadariya allegedly played a key role in disseminating the notorious Angler Exploit Kit (AEK), a sophisticated piece of malware that silently infiltrated victims’ computers through seemingly harmless online advertisements, a tactic known as “malvertising.” The AEK, often dubbed one of the most advanced exploit kits ever created, acted as a digital Trojan horse, delivering a range of malicious payloads including ransomware, banking trojans, and other harmful software.
The Angler Exploit Kit, first identified in late 2013, quickly became one of the most feared tools in the cybercriminal’s arsenal. Renowned for its sophistication, Angler EK was designed to exploit vulnerabilities in popular software, enabling the delivery of a wide range of malware to compromised websites. The kit’s developers were relentless in their efforts to stay ahead of cybersecurity measures, frequently updating the kit with new evasion techniques to bypass Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS).
One of Angler EK’s most alarming features was its ability to execute “fileless infections,” a technique that allows malware to operate without leaving a trace on the victim’s hard drive. This, combined with other advanced evasion tactics such as 302 cushioning and Domain Shadowing, made Angler EK exceptionally difficult to detect and mitigate.
In a 2015 report, Cisco researchers highlighted the alarming scale of Angler EK’s operations. According to their findings, a substantial number of proxy servers used by the kit were hosted by Limestone Networks, with Kadariya’s group allegedly responsible for up to 50 percent of Angler EK’s global activity. At its peak, Angler EK was infecting as many as 90,000 victims daily, generating over $30 million annually. When considering the full scope of Angler EK’s operations, experts estimate that the revenue generated by these criminal activities could exceed $60 million per year.
Kadariya was indicted in New Jersey last year on charges of wire fraud and computer fraud. The U.S. government is now appealing to the public for assistance in bringing him to justice.
Individuals with information on Kadariya’s whereabouts are encouraged to contact the U.S. Secret Service directly or reach out to the nearest U.S. embassy or consulate. All tips will be treated confidentially.
