Lurk Hacker Group Leader Sentenced to 14 Years in Prison

The Kirovsky District Court of Yekaterinburg has sentenced members of the Lurk hacker group, which stole over one billion rubles, to prison terms ranging from 5 to 13 years. The leader of the group, Konstantin Kozlovsky, received a 14-year sentence in a high-security penal colony.

The arrest of Lurk group members (over 50 people from 15 regions of Russia) became public in the summer of 2016. The hackers systematically stole large sums from the accounts of commercial organizations. At that time, experts from Kaspersky Lab presented a detailed report on Lurk’s activities, which the company had studied for six years. The report revealed that Lurk members created the Angler exploit kit, which dominated the exploit pack market during those years.

Lurk members were accused of attacks on Russia’s critical infrastructure and the theft of approximately one billion rubles. Among the victims were three banks: Moscow’s Garant-Invest (467.4 million rubles), Metallinvestbank (67.5 million rubles), and the Siberian branch of Taata Bank (99.7 million rubles).

It is also worth noting that previously, group leader Konstantin Kozlovsky claimed in court that he committed crimes at the behest of FSB officers. To add weight to his statements, he took responsibility for hacking the servers of the U.S. Democratic Party and Hillary Clinton’s email in 2016. The court was skeptical of this claim, and the U.S. Department of Justice has never stated that Kozlovsky was involved in these attacks.

Last week, it was reported that an expert review of Kozlovsky’s statement definitively refuted his claims: “No evidence of attacks on the U.S. government was found. This was also not discussed in the seized correspondence between group members,” a source familiar with the case said.

According to RIA Novosti, the Kirovsky District Court of Yekaterinburg sentenced ordinary Lurk members to terms ranging from 5 years and 1 month to 13 years in prison. The group’s leader, Konstantin Kozlovsky, was sentenced to 14 years in a high-security penal colony. He was found guilty on several charges, including organizing a criminal community, large-scale fraud, and unauthorized access to computer information. The verdict was announced over five days.

“According to the investigation, from December 2015 to April 2016, the defendants created and distributed a virus online, which allowed them to access the local computer networks of several major banks, travel agencies, construction, and food companies. They then stole more than 1.2 billion rubles. In addition, they gained access to the computer database of Koltsovo Airport in Yekaterinburg,” the publication reports.

Kozlovsky’s lawyer, Fedor Akchermyshev, stated that he intends to appeal the verdict:

“We do not agree with the verdict and will appeal it. The case materials do not confirm my client’s guilt. The arguments we presented, including those regarding the inadmissibility of conducting investigative operations in foreign countries, were not addressed by the court in its verdict,” the lawyer told reporters.