Latest News

DOJ charges 3 in alleged $63M cybercrime scheme

Federal prosecutors unsealed a December 2024 indictment accusing three Russian nationals of operating a transnational cybercrime scheme that allegedly siphoned more than $63 million from victims across the United States. According to a Justice Department press release and the unsealed indictment filed by the U.S. Attorney’s Office for the Northern District of Ohio, the accused are linked to St. Petersburg-based companies Media Land, LLC and ML.Cloud, LLC.

Indictment details and accused

The indictment was unsealed in December 2024 by the U.S. Attorney’s Office for the Northern District of Ohio. It names three defendants: Alexander Alexandrovich Volosovik, Kirill Andreevich Zatolokin and Yulia Vladimirovna Pankova. The filing, outlined by prosecutors, charges the defendants with offenses including conspiracy to commit and aid and abet computer fraud, conspiracy to commit wire fraud, wire fraud and conspiracy to commit money laundering. The U.S. Attorney’s Office described the filing as the result of a grand jury investigation and noted the matter remains under active inquiry.

The indictment alleges the defendants operated and controlled Media Land and ML.Cloud, businesses prosecutors say provided services that facilitated criminal conduct. None of the defendants appeared in U.S. custody at the time the indictment was unsealed. As with all indictments, the allegations have not been proven in court and the defendants are presumed innocent.

How the cybercrime scheme allegedly worked

Prosecutors say Media Land and ML.Cloud offered specialized hosting and information-technology services that critics describe as “bulletproof hosting,” meaning the infrastructure was configured to resist takedown requests and limit law enforcement visibility. The indictment alleges the firms provided technical support, account and domain registration services, and server space used by third-party criminals.

According to the charging documents, actors using that infrastructure deployed malware and ransomware, carried out phishing campaigns to harvest credentials, registered fraudulent domains used to impersonate legitimate services, and supported criminal marketplaces that marketed illicit tools and access. Prosecutors also allege the companies assisted in moving and laundering proceeds, including through cryptocurrency, to conceal the origin of illicit funds.

The indictment provides a framework of how service providers can be used to scale and sustain cybercriminal operations: by hosting malicious content, enabling payment collection, and offering resilience against standard mitigation and takedown measures.

Victims, scale and locations

Federal authorities say the scheme touched victims in 21 states and caused losses of more than $63 million. The U.S. Attorney’s Office identified impacted victim types as including banks, schools, government entities, hospitals and media companies. Prosecutors emphasized that critical infrastructure and essential services were among those targeted, noting harms ranged from financial theft to operational disruptions caused by ransomware and malware intrusions.

Ohio was singled out in the indictment as one of the states where the conduct had measurable impact, and the U.S. Attorney’s Office for the Northern District of Ohio led the public announcement of the charges. Investigators say the alleged pattern of abuse spanned both U.S. and international victims and implicated multiple criminal enterprises that purchased or rented the defendants’ technical services.

International response, sanctions and reward

The Justice Department and partner agencies credited coordinated work with foreign counterparts in building the case. The announcement accompanying the indictment states that allied governments imposed sanctions related to the conduct in 2025. Law enforcement partners specifically named in DOJ materials include the National Police of the Netherlands and the Netherlands’ Public Prosecutor’s Office, the United Kingdom’s National Crime Agency and the U.K. Foreign, Commonwealth and Development Office, and Australia’s Department of Foreign Affairs and Trade and the Australian Federal Police.

Separately, the U.S. Department of State’s Rewards for Justice program has offered up to $10 million for information leading to foreign government-linked associates of the defendants or affiliates of Media Land and ML.Cloud. DOJ officials said the reward is intended to help identify additional actors or networks tied to the alleged infrastructure and to further international investigative efforts.

What comes next

The grand jury indictment initiates federal criminal charges and sets the stage for potential extradition requests, additional charges, or arrests depending on where the defendants are located and what investigators uncover next. Prosecutors indicated the matter remains an active, multi-jurisdictional investigation and that further enforcement actions could follow as evidence and cooperation from foreign partners develop.

The U.S. Attorney’s Office for the Northern District of Ohio declined to provide additional comment, citing the ongoing nature of the investigation. Law enforcement officials urged organizations and individuals to strengthen cybersecurity defenses, noting that ransomware, phishing and malware remain persistent threats and that timely reporting to authorities aids cross-border disruption efforts.

Source notes and attribution

This report is based primarily on the Justice Department press release and the unsealed indictment filed by the U.S. Attorney’s Office for the Northern District of Ohio (Dec. 2024). Reporting also referenced contemporaneous media coverage. Key factual elements — including the indictment date, the named defendants (Alexander Alexandrovich Volosovik, Kirill Andreevich Zatolokin and Yulia Vladimirovna Pankova), the companies (Media Land, LLC and ML.Cloud, LLC), the alleged $63 million loss, the 21-state impact, the 2025 sanctions, and the $10 million Rewards for Justice notice — come from those official filings and announcements.

The allegations remain subject to verification through the courts. The Nonstop News will update this story as court filings, law enforcement statements or additional official documents become available.