‘I'm making this bitch's life hell’ How a Russian hacker allegedly ordered the detective investigating him killed and committed countless dark web crimes in the process
The BBC Russian Service has released an investigative report detailing the activities of Yaroslav Sumbayev, a hacker who allegedly ordered the widely publicized murder of Special Investigator Yevgenia Shishkina. The Georgian government extradited Sumbayev to Russia on October 24. He had previously fled the country to avoid prosecution in a case that Shishkina was investigating. Russian journalists have reported that the alleged murderer began his criminal career as a hacker and small-time con artist before allegedly acquiring a major dark web narcotics retailer.
Yaroslav Sumbayev was born in Russia’s Arkhangelsk region 29 years ago. As a child, he was drawn to the natural sciences, and his classmates saw him as a talented student. However, according to his friends, Sumbayev changed after his parents got divorced. According to a new BBC Russian Service report, the young man began his career by selling stolen digital wallets, hacking personal information, and borrowing money on credit. Later, he started recruiting investors for a python and crocodile leather accessory business. Those investors never got their money back.
In 2012, Sumbayev was charged with credit card fraud. During the investigative phase of that case, he ran away from house arrest by cutting through his ankle bracelet and was placed on a federal wanted list. Around the same time, the alleged fraudster met Maxim Matyushev and Kirill Kulabukhov, two hackers who worked with him to organize another fraud scheme involving train and plane tickets. Using stolen client data from travel agencies, the three men ordered expensive seats and then returned the tickets through third parties, pocketing the money they received. Thirty-one companies are estimated to have lost 17.5 million rubles (now $272,825) to that enterprise.
In 2014, Special Investigator Yevgenia Shishkina of the Central Federal District police department’s transport division took over the so-called “ticket case.” Her team managed to track down St. Petersburg resident Roman Mikhailov, who had acted as a middleman in the ticket returns process. His testimony provided the basic evidence investigators needed to learn about the organizers of the scheme. In November 2015, two people attacked Mikhailov, beating him up and cutting him with a broken bottle neck. One of the attackers muttered “Hello from Sumbayev” as the pair walked away. The suspects in the assault were never found.
Escaping Russia and sending threats
By the time investigators found and arrested Matyushev and Kulabukhov, Yaroslav Sumbayev had fled Russia. In 2015, he was added to Interpol’s databases, and an international search for the hacker began. At various points, Sumbayev lived in Montenegro, Turkey, and, beginning in 2017, in Georgia. While he was moving from place to place abroad, the hacker regularly called his investigator, Shishkina, from anonymous telephone numbers and sent her threatening messages.
Sumbayev soon purchased a fake Lithuanian passport under the name Vitaly Makarov for the price of 6,000 euros (now $6,690). He lived under that identity in both Turkey and Georgia. An attorney named Gocha Tediashvili told the BBC that Georgian native Vasily Magriev helped Sumbayev acquire the counterfeit passport.
During one conversation with Margiev, the hacker mentioned that he had ties to a drug lab in the Moscow suburbs and that he was interested in the underground arms trade and cryptocurrency mining. Margiev reportedly promised that multiple high-ranking Georgian security officers among his acquaintances would support Sumbayev. In reality, he had no such connections and ultimately recruited a taxi driver friend of his to act as a law enforcement official. When that lie came to light, the BBC reported, Sumbayev tried to extricate himself from his relationship with Margiev. In January of 2019, Margiev was hit by a car, and he subsequently argued that the crash was intentional. The following summer, the counterfeit passport producer was arrested on suspicions of kidnapping Sumbayev, who had accused his old acquaintance of holding him hostage for a ransom of $40,000.
Trading villas in Spain and drugs in Russia
While he was living in Georgia, Sumbayev sent several messages to a female friend whose name the BBC report does not reveal. Among other things, he mentioned a “serious guy” named Mikhail who would “help legalize” Sumbayev and “get him out of Interpol’s database.” The attorney Gocha Tedashvili later said Margiev and Sumbayev were involved in multiple projects led by a businessman named Mikhail Babarin. According to the BBC, someone with that name worked in the now-defunct St. Petersburg bank Ganzakombank and headed an investment fund called Energokapital.
Babarin, who no longer lives in Russia, met with BBC journalists in Spain. He told them he did not know Sumbayev or Margiev and called any allegations of his involvement in their doings “completely made-up nonsense.” Nonetheless, reporters were able to find an indirect connection between the entrepreneur and the hacker. One of Babarin’s real estate business partners was named Alexey Yeliseyev, and one of Yeliseyev’s close friends, Tatiana Krivosheyeva, owned a villa in the Spanish port city of Alicante that Sumbayev tried to sell for Bitcoin in 2017. Babarin argued that he has no real estate dealings and hasn’t seen Yeliseyev for more than 10 years.
Tediashvili, the attorney, said that Babarin had actually invested $250,000 in Sumbayev and Margiev’s cryptocurrency project, an accusation the businessman himself denies. Nonetheless, Sumbayev had written to his unnamed friend that he was organizing an ICO for “Misha” (the Russian nickname for Mikhail) with the aim of funding a startup that would sell cryptocurrency mining equipment. One source in the cryptocurrency industry provided BBC journalists with a business plan for the company; the final point in the plan was simply marked “SCAM.” Evidently, the founders of the project intended to drive the company bankrupt once it had accumulated funding.
Alongside his cryptocurrency project, Sumbayev continued to harass Investigator Shishkina. Among other things, the BBC reported, he was involved in burning the detective’s Lexus in January of 2018. After that incident, the hacker sent his female friend a picture of the burning vehicle and wrote, “I’m making this bitch’s life hell.”
In Georgia, Sumbayev didn’t stay put for long in any one apartment, moving from city to city to avoid being followed. He has said that most of his income during that period came from drug and weapons sales. Multiple sources told the BBC that Sumbayev was involved in selling narcotics through the dark web retailer Los Zetas, which started off on the illegal marketplace RAMP before transferring to another forum, Hydra. The BBC asserted that Sumbayev in fact led the entire Los Zetas enterprise under the alias Miguel Morales. In less than two years on Hydra, the online drug retailer made more than 250,000 transactions. By the end of August 2019, it occupied 11th place among all of the platform’s online stores. Sumbayev himself declined to answer questions about his connections to Los Zetas.
A Darknet murder and a taxi ride to remember
In 2017, while he was still in Georgia, Sumbayev wrote to his anonymous friend that he was “organizing a contract killing.” While he did not offer any further details, the two teenagers who were ultimately accused of Yevgenia Shishkina’s murder told investigators in their very first interrogation session that the murder had been ordered through the dark web by Miguel Morales, the owner of Los Zetas.
The primary suspect in the killing is 19-year-old university student Abdulaziz Abdulazizov from St. Petersburg. His alleged accomplice is his 17-year-old friend, who appears in the BBC’s story under the initials K.G. The report claims that K.G. was one of Los Zetas’s other coordinators. According to the official case against the two teenagers, the individual who ordered Shishkina’s murder contacted K.G. through the Darknet and offered him a million rubles ($15,600) for the job. The teenager then reached out to his friend Abdulazizov.
To get from St. Petersburg to the Moscow suburb of Arkhangelskoye, where the special investigator lived, Abdulazizov used the rideshare service BlaBlaCar. He reserved a hotel room in the neighboring suburb of Opalikha and retrieved a pistol and ammunition from a secret storage container whose location was sent to him online. On the morning of October 9, 2018, the young man ordered a Yandex Taxi ride to Shishkina’s house. That service, which is run by a Russian tech giant similar to Google, is itself analogous to Uber or Lyft. In his subsequent testimony, Abdulazizov said the detective noticed his weapon and began to defend herself, knocking her murderer off his feet. The 19-year-old was forced to shoot from the ground, but he hit his target nonetheless. After walking two blocks away from the crime scene, Abdulazizov ordered another Yandex Taxi. According to the BBC, it was the record of those two taxi rides that ultimately led to the young man’s capture.
A roundabout path home
In November of 2018, Georgian police officers arrested Yaroslav Sumbayev near a home in Gori where he was living with his wife and a young daughter. The officers found a pistol in Sumbayev’s possession as well as the counterfeit passport made out to “Vitaly Makarov.” The Russian was charged with illegally acquiring a weapon and using a fake passport. He was soon jailed to await trial. Sumbayev applied to the Georgian government for asylum, arguing that he was a political refugee, but his application was denied. The hacker’s attorney, Ivan Norakidze, said his client had run away to Georgia because he feared “persecution from Russian intelligence agencies.”
Sumbayev himself wrote to journalists that he had played no role in Yevgenia Shishkina’s murder. He claimed that the case against him was fabricated and that he knew the surnames of the individuals who had made up the allegations. Sumbayev also asserted that in 2012 and 2013, FSB agents had forced him to work for them “undermining the U.S. economy and the governments of European countries.”
Sumbayev has not yet been indicted for organizing his investigator’s murder: Russia requested his extradition from Georgia in connection with the air and rail ticket fraud case. He also arrived in his home country on October 24, only a few days before the BBC report was released.