A computer specialist now facing criminal hacking charges in the United States previously held a senior position at Moscow-based Kaspersky Lab, according to a person familiar with the matter and personnel records examined by Reuters.
Denis Obrezko, who entered a not guilty plea at a hearing in Boston last week on allegations of computer crimes, is reported to have worked at Kaspersky as a senior specialist between 2017 and 2019. That employment period is documented in leaked salary records and corroborated by a former colleague.
U.S. prosecutors have stated that Obrezko spent the five years prior to the alleged misconduct working for Russia's domestic intelligence service, known as the FSB. The alleged hacking activity that is the focus of current charges occurred after his departure from Kaspersky, according to the documents and filings.
Although the indictment links the defendant to activity outside his Kaspersky tenure, the revelation of his former role at one of the world's largest antivirus vendors is likely to renew attention on the company's relationship with Russian state institutions. Kaspersky once had a substantial presence in the United States before concerns about its ties to the Kremlin eroded that market position.
In response to questions, Kaspersky confirmed that an employee with the named identity worked for the company from 2017 to 2019 and said it had no information on his present status. The company added that the offenses charged could not be connected to the individual's responsibilities while employed there.
Obrezko's attorney, Max Nemtsev, declined to comment on the defendant's employment history in an email. Efforts to obtain comment from the FSB were unsuccessful, and repeated requests to the Russian Embassy in Washington went unanswered. Russian officials generally deny responsibility for state-sponsored hacking campaigns, according to the information available in the filings.
Details about Obrezko's exact role and duties at Kaspersky during the 2017-2019 period were not determinable from the records reviewed. A social media profile on VKontakte associated with one of his email addresses lists him as a graduate of Moscow's Bauman University, where he specialized in information security. Leaked resume material in the reviewed files echoed that specialization. Bauman University did not reply to a request for comment.
U.S. prosecutors' documents accuse Obrezko of involvement in a hacking collective referred to in filings as "Void Blizzard" or "Laundry Bear." The indictment alleges the group conducted broad thefts of emails and other communications from several NATO-aligned European government agencies and at least 11 U.S. companies, carrying out those intrusions on behalf of the Russian government beginning in 2023.
The same indictment attributes the Void Blizzard operations to a Russian cybersecurity firm identified as Yutek-NN, where Obrezko is said to have been deputy director from 2024 onward. The indictment, filed last week, did not mention his earlier employment at Kaspersky; that connection is reported here for the first time.
Yutek-NN presents itself on its website as a multipurpose IT company that employs advanced technology and innovative design. Russian corporate filings show the Nizhny Novgorod-based firm holds a license from the FSB to develop, sell or obtain "special technical means for the covert acquisition of information." Yutek did not respond to repeated requests for comment.
Security analysts and academics have noted that the prosecution of an individual with ties to both a prominent cybersecurity company and to state-linked entities may reinforce existing skepticism about the boundaries between commercial security vendors and intelligence services. Stefan Soesanto, a lecturer at the Lucerne University of Applied Sciences and Arts, said the case was "a vindication for all those that are already highly critical of Kaspersky." He also observed that the lines separating the cybersecurity industry and national intelligence organizations can be porous.
Kaspersky has consistently maintained that it operates independently of the Kremlin. Nevertheless, the company faced formal restrictions in the United States, including a 2024 ban by the U.S. Commerce Department, and has drawn warnings from European authorities, as reflected in the public record and government actions.
The court proceedings in Boston have begun to place individual employment histories and corporate affiliations under close scrutiny, even as legal filings continue to center on the activities alleged to have occurred after the individual's time at Kaspersky. The available evidence leaves aspects of Obrezko's responsibilities at the antivirus firm unclear, a point underscored by investigators' inability to determine his exact duties during the 2017-2019 period.
As the case moves forward, official responses from Russian state entities have not materialized, and some organizations named in the filings did not reply to requests for comment. The allegations, the indictment and the employment records together present a complex picture that ties together a prominent commercial cybersecurity vendor, a licensed IT firm and asserted state-directed hacking operations.
Summary of key developments:
- Denis Obrezko pleaded not guilty last week in Boston to U.S. computer crime charges.
- Leaked salary records and a former colleague indicate he worked at Kaspersky Lab as a senior specialist from 2017 to 2019.
- U.S. prosecutors allege Obrezko spent five years working for the FSB and later served as deputy director of Yutek-NN, connected by indictment to a mass hacking campaign beginning in 2023.