Russian cybercrime kingpin Alexander Vinnik arrived in Moscow after being released by the U.S. as part of a prisoner swap, Russian media reported Friday.
Vinnik, accused of masterminding a $9 billion cryptocurrency laundering scheme, was freed in exchange for U.S. teacher Marc Fogel, who had been detained in Russia since 2021 for possession of medical cannabis.
As he made his way from the airport to meet his family, Vinnik thanked those who made his return possible, particularly Russian President Vladimir Putin, who helped broker the deal with the administration of the U.S. President Donald Trump.
Vinnik, once a key operator of the infamous BTC-e exchange, pleaded guilty in May 2024 to conspiracy to commit money laundering. From 2011 to 2017, BTC-e was one of the world's largest cryptocurrency exchanges, handling more than $9 billion in transactions and serving over a million users worldwide, including many in the U.S.
While the U.S. secured Vinnik’s release, European authorities intensified their efforts to take down other Russian cybercriminals.Â
In a separate operation, law enforcement from 14 countries arrested four Russian nationals linked to the Phobos ransomware, which has been used to extort payments from businesses across Europe and beyond. Europol, which coordinated the operation, stated that authorities seized 27 servers tied to the criminal network.
Phobos, first detected in 2018, is notorious for targeting medium-sized businesses with weak cybersecurity defenses. Unlike cybercriminal groups that focus on major corporations, Phobos operators cast a wider net, attacking smaller firms to maximize their reach.
Europol’s European Cybercrime Centre (EC3) has been leading efforts to disrupt Phobos and other ransomware groups like 8Base since 2019. The latest operation builds on previous successes, including the arrest and extradition of a Phobos administrator from South Korea in 2024 and the capture of an affiliate in Italy in 2023. Authorities also warned 400 companies about the threat of imminent ransomware attacks.
