Captain Flint24
Cybercriminal Alexei Stroganov, known online as Flint24, and a group of accomplices sought release from detention by leveraging Russia’s aid. This claim surfaced last week on a Mash Telegram channel. The hackers’ lawyers intend to petition the court to modify the sentence at the upcoming hearing, scheduled for June 13–19.
Flint24 and the co-defendants were arrested in March 2020 on multiple charges tied to cybercrimes that involved embezzlement of funds, affecting victims primarily across Europe and the United States. The group has long engaged in carding, including theft, resale, and use of bank card data for personal gain. In early 2021, most participants were found guilty and received multi-year prison terms. Within the Tverskoy District Court materials in Moscow, Stroganov faced illegal circulation of means of payment (Article 187, part 2 of the Criminal Code of the Russian Federation), a crime punishable by imprisonment up to two years.
Many information security experts consulted by socialbites.ca were skeptical about the petition from Stroganov and the notion of enlisting hackers for state interests in cyberwarfare at large.
Earlier, the hacker collective Anonymous publicly opposed Russia and declared cyberwar against it. Shortly after, the abroad-facing RT website halted operations. Russian internet providers and government portals faced attacks, including Roskomnadzor, the Russian Pension Fund, the Federal Antimonopoly Service, and Crimean information resources. Large Russian firms, including Gazprom, Lukoil, Norilsk Nickel, and Yandex, also endured mass cyber assaults.
Igor Bederov, head of the information and analytical research department at T.Hunter, voiced skepticism about Stroganov’s petition, noting that authentic hackers represent a tiny fraction of Russian-speaking cybercriminals and are closer to scammers than seasoned defenders. He argued that Flint24 and its associates could not significantly contribute to national cybersecurity or counter espionage efforts.
“Real hackers with genuinely useful abilities—discovering and exploiting unique vulnerabilities, espionage, and causing substantial disruption to complex IT systems—comprise about 0.2% to 0.3% of those in the broader Russian-speaking cybercriminal ecosystem. The rest are scammers, card traders, DDoS actors, extortionists, and various low-skilled criminals who are often mislabeled as hackers”, said Bederov.
Sergey Golovanov, chief expert at Kaspersky Lab, believes that regardless of skill level, hackers cannot be trusted to serve public interests or make decisions in cybersecurity matters.
“The only acceptable way to engage with them is to cooperate with accomplices during investigations. Do not rely on them for more serious tasks or granting access to classified information”, the director stated.
Pavel Sitnikov, an independent information security researcher who disclosed his identity in 2020, offered a contrasting view in an interview with socialbites.ca. He suggested that even Flint24’s capabilities could be beneficial to the state under certain circumstances.
“Flint24 specializes in illegal fundraising. Could such expertise aid the Russian cyber army? It’s possible. I personally received finance-oriented orders from security forces during the political conflict in Ukraine, aiming to access foreign accounts and withdraw a sum like $10,000”, Sitnikov noted.
Sitnikov asserted that Flint24 and its cohort possess detailed insights into the structure of the American financial system. If Russia faced a mission targeting this sector, the request from the cybercriminals might be considered.
To the service “Prikodenny”
While many socialbites.ca sources criticized recruiting convicted cybercriminals for state work, some remarked that such practices exist in Russia and other nations, carried out by various security services.
“Criminal elements have always been used by governments to advance their aims. This includes both organized crime and hackers. Bederov notes that special services sometimes rely on such individuals for espionage and disrupting IT systems without leaving obvious governmental traces.”
He added that the rare professionals in this field—likely less than one percent—are often part of pro-government ART groups or regular intelligence officers.
Sitnikov echoed this sentiment. He observed that even within the cybercriminal community, few people know the real identities of ART group members and their affiliations are not widely disclosed.
“There is a common understanding that they depend on law enforcement. Do ART groups exist in Russia? The question is rhetorical. They exist in every major power”, Sitnikov stated.
In addition, Pavel Korostelev, who leads product promotion at a security code company, noted that both security services and armed forces across nations employ specialists in espionage and cyber operations. These individuals are frequently referred to as hackers in everyday language.
“Generally, the use of cyberattack capabilities is viewed as normal. Security services and the armed forces maintain trained personnel to obtain data or disrupt enemy IT systems at critical moments. Such units exist openly in many countries, they do not hide it”, Korostelev commented.
Bederov shared a similar perspective. He stated that although there is no formal national cyber army in Russia, several special units within the FSB, the Ministry of Internal Affairs, and the Ministry of Defense operate in the digital space and can be considered a form of cyber capability.
“These experts work on intelligence, incident prevention, and more”, he added.
Regarding the international use of convicted cybercriminals for national cyber capabilities, experts suggest Ukraine may lead in this area.
“Unofficial reports indicate that convicted Ukrainian citizens participated in cyberwarfare against Russia and were probably involved in recent government website breaches”, said Fyodor Mazulevsky, director of RTM Group’s technical department, who specializes in information security legislation.
He added that if Ukraine pursues such a course, it would signal a recognition of the limitations of regular forces in this domain.