Hacker Behind Kaseya Ransomware Attack Extradited

Uploaded on 2022-03-15 in FREE TO VIEW, GOVERNMENT-Law Enforcement, TECHNOLOGY--Hackers

An alleged key member of the REvil ransomware group, who federal authorities say is responsible for the Kaseya hack that encrypted thousands of its customers’ networks, has been arrested and extradited to Texas to face US charges.

Yaroslav Vasinskyi is accused of being connected to the Sodinokibi/REvil ransomware group. He was extradited and arraigned in a Dallas, Texas court on Wednesday March 9th. The US Justice Department (DOJ) said the 22-year-old was behind the July 2021 ransomware attack on Kaseya, which crippled hundreds of companies around the world for multiple days.

Vasinskyl was arrested at a border crossing in Dorohusk, a border town on the Polish and Ukrainian borders on October 8. Vasinskyl made his first court appearance and was arraigned recently.

The indictment by the DOJ said Vasinskyl was a part of the REvil ransomware gang since 2019 and had launched 2,500 attacks in addition to being responsible for the attack on Kaseya. The DOJ states he made $2.3million from ransoms from ransomware attacks.

He was charged with conspiracy to commit fraud and related activity in connection with computers, damage to protected computers, and conspiracy to commit money laundering. He will face a total of 115 years in prison if convicted on all charges. "The arrest of Yaroslav Vasinskyi, the charges against Yevgeniy Polyanin, and seizure of $6.1 million of his assets, and the arrests of two other Sodinokibi/REvil actors in Romania are the culmination of close collaboration with our international, US government, and especially our private sector partners," FBI Director Christopher Wray said.

"The FBI has worked creatively and relentlessly to counter the criminal hackers behind Sodinokibi/REvil."

REvil is responsible for deploying its ransomware on more than 175,000 computers. The group allegedly brought in at least $200 million from ransoms. For a long time, the REvil gang was known as one of the most prolific ransomware groups. In addition, the Russian-speaking "ransomware-as-a-service operation is allowing affiliates to rent certain access to their infrastructure as long as they get a share of the profits.

“Just eight months after committing his alleged ransomware attack on Kaseya from overseas, this defendant has arrived in a Dallas courtroom to face justice.. “When we are attacked, we will work with our partners here and abroad to go after cyber criminals, wherever they may be.” said US deputy attorney general Lisa Monaco in a statement.

US Dept. of Justice:    Oodaloop:    Techcrunch:    ZDNet:    TechTimes:    CyberNews:    Security Week:   

National Cybersecurity News

You Might Also Read: 

Russian Hackers Account For 74% Of Ransomware Proceeds:

 

« AI Fills In The Missing Gaps From Ancient Greece
Employees Blame Their Employer For Data Theft »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

RU-CERT

RU-CERT

RU-CERT is the CSIRT / CERT team of the Russian Federation.

Asigra

Asigra

Asigra provides an industry leading cloud backup and recovery software platform called Asigra Cloud Backup.

Direct Recruiters Inc

Direct Recruiters Inc

Direct Recruiters is a relationship-focused search firm that assists IT Security and Cybersecurity companies with recruiting high-impact talent.

International Computer Science Institute (ICSI)

International Computer Science Institute (ICSI)

ICSI is a leading independent, nonprofit center for research in computer science. Research areas include network security and privacy.

Software Engineering Institute (SEI)

Software Engineering Institute (SEI)

At the CERT Division of SEI we study and solve cybersecurity problems, research security vulnerabilities in software, and develop information and training to help improve cybersecurity.

Jamcracker

Jamcracker

Jamcracker is a cloud services management and cloud governance solutions company, with more than a decade of experience providing industry leading software and services.

IDnow

IDnow

IDnow is the world’s fastest, most flexible and most secure identity verification platform, delivering instant verification of the identity documents used by 7 billion people.

ShieldIOT

ShieldIOT

ShieldIOT delivers a complete AI-powered security solution across any IoT device, application and network.

C11 Cyber Security & Digital Innovation Centre

C11 Cyber Security & Digital Innovation Centre

C11 is working with local and national partners to develop talent and bring brilliant minds and brilliant businesses together.

Tidal Cyber

Tidal Cyber

We formed Tidal for one simple reason—we believe that defenders need and deserve tools and services that make achieving the benefits of threat-informed defense practical and sustainable.

AuthX

AuthX

AuthX provides secure and seamless log-in capabilities through strong authentication and integrations.

Lightpoint Global

Lightpoint Global

Lightpoint Global is a bespoke software development company. We also provide a spectrum of services such as IT consulting, business analysis, QA and testing, and DevOps services.

Corix Partners

Corix Partners

Corix Partners is a Boutique Management Consultancy Firm focused on assisting CIOs and other C-level executives in resolving Cyber Security Strategy, Organisation and Governance challenges.

Dryad Global

Dryad Global

Dryad Global offers a comprehensive suite of maritime intelligence solutions, including a best-in-class situational awareness, planning and security system and industry-leading cyber protection tools.

Velotix

Velotix

Velotix empowers organizations to maximize the value of their data while ensuring security and compliance in a rapidly evolving regulatory landscape.

Hanwha Systems

Hanwha Systems

Hanwha Systems is a global company based in South Korea providing defense electronics and smart ICT solutions.