An accused Russian hacker has claimed Kaspersky's former head of investigations blackmailed him into stealing approximately £150,000 from local banks.
Dmitry Popelysh is on trial in Moscow over allegations that he helped pinch more than 12 million roubles from financial institutions including Sberbank and VTB. But he told the court that one-time Kaspersky staffer Ruslan Stoyanov made him do it.
"Popelysh claims that the evidence in his case was fabricated, and that Ruslan Stoyanov, the former head of the Kaspersky Lab's computer incident investigation department, forced him to break into [the bank accounts]," reported local news agency RBC today. Popelysh made his courtroom statement on 5 September.
In February, former police major Stoyanov was sentenced to 14 years in prison for treason after allegedly passing details of an FSB (post-Soviet spy agency) investigation to the US FBI.
Popelysh had been found guilty of hacking in 2012 but was given a suspended sentence. He claimed that Stoyanov, whom he said initially contacted him anonymously, had blackmailed him by threatening to activate his sentence and have him sent to prison unless he co-operated.
The accused further claimed that Stoyanov, whom he said had posed as an anonymous law enforcement person, demanded that Popelysh give him precise details of all the malware, access methods and login credentials used to hack the banks.
"In the course of further communication," Popelysh claimed, "he reminded me that I was convicted of fraudulent acts against VTB24 Bank and that there were episodes of Sberbank that were not included in the case, but he 'will give them a go' if I contact the law enforcement bodies or I won't co-operate with him."
At his arrest for a fresh batch of bank hacks in May 2015, the anonymous person's identity was revealed as Stoyanov, who was "personally present... and said that he was always faithful to his words and that I would now be in prison," Popelysh told the court.
"Remember me? If you say a word about how we worked, I'll find you in prison too, take everything on yourself and I will pull you out," Stoyanov reportedly told Popelysh at his arrest, via Google Translate.
Stoyanov told the RBC news agency, through his lawyer, that Popelysh's claims were untrue and said the hacker had told him personally that he intended to break into more banks' systems and buy himself luxury goods with the proceeds.
Popelysh was charged in 2016 with hacking banks again. Although found guilty and sentenced to eight years, his conviction was overturned in March this year and a retrial was ordered.
RBC also reported that one Konstantin Kozlovsky, another convicted hacker currently serving a prison sentence, "claimed that he had been cooperating with the FSB for about 10 years" and said his FSB handler had ordered him to hack the US Democratic National Committee, Hilary Clinton's private email server and the World Anti-Doping Agency. ®