Hacker Behind Kaseya Ransomware Attack Extradited

An alleged key member of the REvil ransomware group, who federal authorities say is responsible for the Kaseya hack that encrypted thousands of its customers’ networks, has been arrested and extradited to Texas to face US charges.

Yaroslav Vasinskyi is accused of being connected to the Sodinokibi/REvil ransomware group. He was extradited and arraigned in a Dallas, Texas, court on Wednesday, March 9th. The US Justice Department (DOJ) said the 22-year-old was behind the July 2021 ransomware attack on Kaseya, which crippled hundreds of companies around the world for multiple days.

Vasinskyi was arrested on October 8 at a border crossing in Dorohusk, a town on the Polish-Ukrainian border. He made his first court appearance and was arraigned recently.

The DOJ indictment said Vasinskyi had been part of the REvil ransomware gang since 2019 and had launched 2,500 attacks in addition to being responsible for the attack on Kaseya. The DOJ states he made $2.3 million in ransoms from ransomware attacks.

He was charged with conspiracy to commit fraud and related activity in connection with computers, damage to protected computers, and conspiracy to commit money laundering. He will face a total of 115 years in prison if convicted on all charges.

"The arrest of Yaroslav Vasinskyi, the charges against Yevgeniy Polyanin, and seizure of $6.1 million of his assets, and the arrests of two other Sodinokibi/REvil actors in Romania are the culmination of close collaboration with our international, US government, and especially our private sector partners," FBI Director Christopher Wray said.

"The FBI has worked creatively and relentlessly to counter the criminal hackers behind Sodinokibi/REvil."

REvil is responsible for deploying its ransomware on more than 175,000 computers. The group allegedly brought in at least $200 million from ransoms. For a long time, the REvil gang was known as one of the most prolific ransomware groups. In addition, the Russian-speaking "ransomware-as-a-service" operation allows affiliates to rent certain access to its infrastructure as long as the group gets a share of the profits.

“Just eight months after committing his alleged ransomware attack on Kaseya from overseas, this defendant has arrived in a Dallas courtroom to face justice. When we are attacked, we will work with our partners here and abroad to go after cyber criminals, wherever they may be,” said US Deputy Attorney General Lisa Monaco in a statement.
