WANTED: US Offers $2.5M Bounty to Nab Belarusian Hacker

The US Department of State is offering a $2.5 million reward for information leading to the arrest and/or conviction of Volodymyr Kadariya, an alleged Belarusian hacker who the US says used “malvertising” and other means to scam internet users from 2018 through March 2022.

The State Department says Kadariya used a scheme to transmit the Angler Exploit Kit (AEK), other malware, and online scams to web users internationally. The AEK was a leading vehicle used by cybercriminals to deliver malware to devices.

Kadariya was indicted in New Jersey in June 2023 with conspiracy to commit wire fraud, conspiracy to commit computer fraud, and two counts of substantive wire fraud.

The reward offer comes just two weeks after the arrest and extradition of accused Polish hacker Maksim Silnikau in relation to several cybercriminal operations since 2011.

The State Department began using its Rewards for Justice (RFJ) program -- which was established in 1984 to combat terrorism -- to target cybercriminals in 2021. The program offers rewards of up to $10 million for information leading to the identification or location of any person acting in violation of the Computer Fraud and Abuse Act.

Playing on Competitive Greed

Offering up bounties for cybercriminals may be an effective tactic to pit cybercriminal operations against one another, but may come with some drawbacks, says Ilia Kolochenko, CEO at AI security firm ImmuniWeb and an adjunct professor of cybersecurity at Capitol Technology University.

Related:To Catch a Cybercriminal -- and the Fallout That Follows

“While the idea of paying generous bounties for information that will lead to the arrest of professional cybercriminals is far from being novel, the tactic can be unprecedently successful in 2024,” Kolochenko says in an email. “… Competition on the global cybercrime market also intensifies, so even ideologically similar hacking groups may report each other to law enforcement to make some money and to get a bigger market share.”

However, he says, “this tactic is not without drawbacks. First, protection of personal data of suspects -- and their completely innocent namesakes -- is important as a matter of ethics and law. Second, offering bounty payment only in case of conviction weakens the entire concept: for example, the prosecution may decide to drop charges in exchange for collaboration … ”

Those with information can contact the US Secret Service by email at [email protected]. Tipsters from outside the US should contact their nearest US Embassy/Consulate.