World July 15, 2026 09:11 AM

Alleged Russian Cyber Operative Had Prior Role at Kaspersky, Records and Sources Show

Documents and a former colleague link defendant to Moscow-based antivirus firm; U.S. prosecutors allege later work for FSB and a separate Russian IT company tied to hacking campaign

By Leila Farooq
Share
Twitter Reddit Facebook LinkedIn

Court filings and leaked employment records indicate that Denis Obrezko, who pleaded not guilty last week in Boston to charges of computer intrusion, was employed as a senior specialist at Kaspersky Lab from 2017 to 2019. U.S. prosecutors say he subsequently spent five years with Russia's FSB and later served as deputy director of Yutek-NN, which an indictment links to a mass hacking campaign targeting NATO-aligned European agencies and U.S. companies beginning in 2023.

Alleged Russian Cyber Operative Had Prior Role at Kaspersky, Records and Sources Show
Summarize with
ChatGPT Perplexity Claude Grok Gemini

Key Points

  • Denis Obrezko pleaded not guilty in Boston to U.S. hacking charges; records and a former colleague show he worked at Kaspersky from 2017-2019.
  • U.S. prosecutors allege Obrezko spent five years with Russia's FSB and later was deputy director at Yutek-NN, which an indictment links to the Void Blizzard campaign targeting NATO-aligned agencies and at least 11 U.S. companies.
  • Kaspersky confirmed the employment dates but said the charged offenses could not be tied to his role there; the company has faced prior restrictions, including a 2024 U.S. Commerce Department ban and warnings from European authorities.

A computer specialist now facing criminal hacking charges in the United States previously held a senior position at Moscow-based Kaspersky Lab, according to a person familiar with the matter and personnel records examined by Reuters.

Denis Obrezko, who entered a not guilty plea at a hearing in Boston last week on allegations of computer crimes, is reported to have worked at Kaspersky as a senior specialist between 2017 and 2019. That employment period is documented in leaked salary records and corroborated by a former colleague.

U.S. prosecutors have stated that Obrezko spent the five years prior to the alleged misconduct working for Russia's domestic intelligence service, known as the FSB. The alleged hacking activity that is the focus of current charges occurred after his departure from Kaspersky, according to the documents and filings.

Although the indictment links the defendant to activity outside his Kaspersky tenure, the revelation of his former role at one of the world's largest antivirus vendors is likely to renew attention on the company's relationship with Russian state institutions. Kaspersky once had a substantial presence in the United States before concerns about its ties to the Kremlin eroded that market position.

In response to questions, Kaspersky confirmed that an employee with the named identity worked for the company from 2017 to 2019 and said it had no information on his present status. The company added that the offenses charged could not be connected to the individual's responsibilities while employed there.

Obrezko's attorney, Max Nemtsev, declined to comment on the defendant's employment history in an email. Efforts to obtain comment from the FSB were unsuccessful, and repeated requests to the Russian Embassy in Washington went unanswered. Russian officials generally deny responsibility for state-sponsored hacking campaigns, according to the information available in the filings.


Details about Obrezko's exact role and duties at Kaspersky during the 2017-2019 period were not determinable from the records reviewed. A social media profile on VKontakte associated with one of his email addresses lists him as a graduate of Moscow's Bauman University, where he specialized in information security. Leaked resume material in the reviewed files echoed that specialization. Bauman University did not reply to a request for comment.

U.S. prosecutors' documents accuse Obrezko of involvement in a hacking collective referred to in filings as "Void Blizzard" or "Laundry Bear." The indictment alleges the group conducted broad thefts of emails and other communications from several NATO-aligned European government agencies and at least 11 U.S. companies, carrying out those intrusions on behalf of the Russian government beginning in 2023.

The same indictment attributes the Void Blizzard operations to a Russian cybersecurity firm identified as Yutek-NN, where Obrezko is said to have been deputy director from 2024 onward. The indictment, filed last week, did not mention his earlier employment at Kaspersky; that connection is reported here for the first time.

Yutek-NN presents itself on its website as a multipurpose IT company that employs advanced technology and innovative design. Russian corporate filings show the Nizhny Novgorod-based firm holds a license from the FSB to develop, sell or obtain "special technical means for the covert acquisition of information." Yutek did not respond to repeated requests for comment.


Security analysts and academics have noted that the prosecution of an individual with ties to both a prominent cybersecurity company and to state-linked entities may reinforce existing skepticism about the boundaries between commercial security vendors and intelligence services. Stefan Soesanto, a lecturer at the Lucerne University of Applied Sciences and Arts, said the case was "a vindication for all those that are already highly critical of Kaspersky." He also observed that the lines separating the cybersecurity industry and national intelligence organizations can be porous.

Kaspersky has consistently maintained that it operates independently of the Kremlin. Nevertheless, the company faced formal restrictions in the United States, including a 2024 ban by the U.S. Commerce Department, and has drawn warnings from European authorities, as reflected in the public record and government actions.

The court proceedings in Boston have begun to place individual employment histories and corporate affiliations under close scrutiny, even as legal filings continue to center on the activities alleged to have occurred after the individual's time at Kaspersky. The available evidence leaves aspects of Obrezko's responsibilities at the antivirus firm unclear, a point underscored by investigators' inability to determine his exact duties during the 2017-2019 period.

As the case moves forward, official responses from Russian state entities have not materialized, and some organizations named in the filings did not reply to requests for comment. The allegations, the indictment and the employment records together present a complex picture that ties together a prominent commercial cybersecurity vendor, a licensed IT firm and asserted state-directed hacking operations.


Summary of key developments:

  • Denis Obrezko pleaded not guilty last week in Boston to U.S. computer crime charges.
  • Leaked salary records and a former colleague indicate he worked at Kaspersky Lab as a senior specialist from 2017 to 2019.
  • U.S. prosecutors allege Obrezko spent five years working for the FSB and later served as deputy director of Yutek-NN, connected by indictment to a mass hacking campaign beginning in 2023.

Risks

  • Increased scrutiny and reputational risk for commercial cybersecurity vendors - impacts the cybersecurity and enterprise software sectors, given public and regulatory concern about vendor ties to state actors.
  • Potential national security and corporate exposure from alleged state-directed hacking campaigns - affects government agencies and corporate IT security budgets and incident response planning.
  • Uncertainty about the exact nature of the individual's role at Kaspersky - investigative gaps leave open questions about personnel vetting and oversight within security firms, relevant to corporate governance and compliance in the tech sector.

More from World

Moscow Says Post-Conflict Multinational Force in Ukraine Would Be Treated as a Legitimate Target Jul 15, 2026 U.N. Warns Profits from Sudan’s Gum Arabic Trade Are Fueling Ongoing Conflict Jul 15, 2026 EU and Ukraine Agree to Joint Drone Production Initiative Jul 15, 2026 Defence Minister’s Future in Flux as Zelenskiy Moves to Recast Cabinet Jul 15, 2026 Advocacy Groups Challenge U.S. Sanctions on International Criminal Court as First Amendment Violations Jul 15, 2026