Hacker Behind Kaseya Ransomware Attack Extradited

Uploaded on 2022-03-15 in FREE TO VIEW, GOVERNMENT-Law Enforcement, TECHNOLOGY--Hackers

An alleged key member of the REvil ransomware group, who federal authorities say is responsible for the Kaseya hack that encrypted thousands of its customers’ networks, has been arrested and extradited to Texas to face US charges.

Yaroslav Vasinskyi is accused of being connected to the Sodinokibi/REvil ransomware group. He was extradited and arraigned in a Dallas, Texas court on Wednesday March 9th. The US Justice Department (DOJ) said the 22-year-old was behind the July 2021 ransomware attack on Kaseya, which crippled hundreds of companies around the world for multiple days.

Vasinskyl was arrested at a border crossing in Dorohusk, a border town on the Polish and Ukrainian borders on October 8. Vasinskyl made his first court appearance and was arraigned recently.

The indictment by the DOJ said Vasinskyl was a part of the REvil ransomware gang since 2019 and had launched 2,500 attacks in addition to being responsible for the attack on Kaseya. The DOJ states he made $2.3million from ransoms from ransomware attacks.

He was charged with conspiracy to commit fraud and related activity in connection with computers, damage to protected computers, and conspiracy to commit money laundering. He will face a total of 115 years in prison if convicted on all charges. "The arrest of Yaroslav Vasinskyi, the charges against Yevgeniy Polyanin, and seizure of $6.1 million of his assets, and the arrests of two other Sodinokibi/REvil actors in Romania are the culmination of close collaboration with our international, US government, and especially our private sector partners," FBI Director Christopher Wray said.

"The FBI has worked creatively and relentlessly to counter the criminal hackers behind Sodinokibi/REvil."

REvil is responsible for deploying its ransomware on more than 175,000 computers. The group allegedly brought in at least $200 million from ransoms. For a long time, the REvil gang was known as one of the most prolific ransomware groups. In addition, the Russian-speaking "ransomware-as-a-service operation is allowing affiliates to rent certain access to their infrastructure as long as they get a share of the profits.

“Just eight months after committing his alleged ransomware attack on Kaseya from overseas, this defendant has arrived in a Dallas courtroom to face justice.. “When we are attacked, we will work with our partners here and abroad to go after cyber criminals, wherever they may be.” said US deputy attorney general Lisa Monaco in a statement.

US Dept. of Justice:    Oodaloop:    Techcrunch:    ZDNet:    TechTimes:    CyberNews:    Security Week:   

National Cybersecurity News

You Might Also Read: 

Russian Hackers Account For 74% Of Ransomware Proceeds:

 

« AI Fills In The Missing Gaps From Ancient Greece
Employees Blame Their Employer For Data Theft »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ShmooCon

ShmooCon

ShmooCon is an annual east coast hacker convention offering three days of demonstrations and discussions of critical infosec issues.

SAST

SAST

SAST provide Static Application Security Testing as a service based on SAST Tools.

eXate

eXate

eXate provides pioneering technology that empowers organisations to protect, control and manage their sensitive data centrally, providing a complete data privacy solution.

InfoSec Conferences

InfoSec Conferences

InfoSec Conferences is an online directory of infosec conferences. We list every single Information Security conference, event and seminar within every niche in Cybersecurity.

Cyber Security Forum Initiative (CSFI)

Cyber Security Forum Initiative (CSFI)

CSFI is a non-profit organization with a mission to provide Cyber Warfare awareness, guidance, and security solutions through collaboration, education, volunteer work, and training.

N-able

N-able

N-Able deliver simple and sophisticated monitoring, security, and business solutions that empower you to solve your toughest IT challenges.

Bitdefender

Bitdefender

Bitdefender is a cybersecurity leader delivering best-in-class threat prevention, detection, and response solutions worldwide.

Sayers

Sayers

Sayers is best known for its ability to solve business challenges with IT solutions. Our areas of expertise include cloud, storage, virtualization, security, mobility and networking.

Indevtech

Indevtech

Indevtech has been serving Hawaii since 2001, providing end-to-end managed IT services to small- and medium-businesses.

TetherView

TetherView

TetherView provides leading virtual desktop and email security technology to help businesses stand up and manage digital workspaces.

IDVerse

IDVerse

IDVerse is focused on making user verification effortless through technology. We build intelligent tools that protect users from identity fraud while enabling a seamless user experience.

Astreya

Astreya

Astreya is the leading IT solutions provider for some of the world's most recognizable and innovative organizations.

PowerDMARC

PowerDMARC

PowerDMARC is a domain security and email authentication SaaS platform that helps organizations protect their domain name, brand, and emails against unauthorized use.

Amiosec

Amiosec

Amiosec is a British cyber innovation business specialising in delivering simple-to-use solutions to the complex problems of the modern world.

Screwloose IT

Screwloose IT

Screwloose IT are a national provider of information technology services. We specialise in managed IT, cloud services, cyber security, website design and digital marketing for businesses of all sizes.

Trinsec 7

Trinsec 7

Trinsec 7 is the first security firm to integrate cybersecurity, electronic security, and identity protection into a single, intelligence-driven solution for growing businesses and modern families.