Hacker Behind Kaseya Ransomware Attack Extradited

An alleged key member of the REvil ransomware group, who federal authorities say is responsible for the Kaseya hack that encrypted thousands of its customers’ networks, has been arrested and extradited to Texas to face US charges.

Yaroslav Vasinskyi is accused of being connected to the Sodinokibi/REvil ransomware group. He was extradited and arraigned in a Dallas, Texas, court on Wednesday, March 9th. The US Justice Department (DOJ) said the 22-year-old was behind the July 2021 ransomware attack on Kaseya, which crippled hundreds of companies around the world for multiple days.

Vasinskyi was arrested on October 8 at a border crossing in Dorohusk, a town on the Polish-Ukrainian border. He made his first court appearance and was arraigned recently.

The DOJ indictment said Vasinskyi had been part of the REvil ransomware gang since 2019 and had launched 2,500 attacks in addition to being responsible for the attack on Kaseya. The DOJ states he made $2.3 million in ransoms from ransomware attacks.

He was charged with conspiracy to commit fraud and related activity in connection with computers, damage to protected computers, and conspiracy to commit money laundering. He will face a total of 115 years in prison if convicted on all charges.

"The arrest of Yaroslav Vasinskyi, the charges against Yevgeniy Polyanin, and seizure of $6.1 million of his assets, and the arrests of two other Sodinokibi/REvil actors in Romania are the culmination of close collaboration with our international, US government, and especially our private sector partners," FBI Director Christopher Wray said.

"The FBI has worked creatively and relentlessly to counter the criminal hackers behind Sodinokibi/REvil."

REvil is responsible for deploying its ransomware on more than 175,000 computers. The group allegedly brought in at least $200 million from ransoms. For a long time, the REvil gang was known as one of the most prolific ransomware groups. In addition, the Russian-speaking "ransomware-as-a-service" operation allows affiliates to rent certain access to its infrastructure as long as the group gets a share of the profits.

“Just eight months after committing his alleged ransomware attack on Kaseya from overseas, this defendant has arrived in a Dallas courtroom to face justice. When we are attacked, we will work with our partners here and abroad to go after cyber criminals, wherever they may be,” said US deputy attorney general Lisa Monaco in a statement.

US Dept. of Justice, Oodaloop, Techcrunch, ZDNet, TechTimes, CyberNews, Security Week
