Hacker Sentenced to 13 Years in Prison for REvil Ransomware Attacks

A Ukrainian ransomware attacker has been sentenced to over a decade in prison for his role in thousands of REvil ransomware attacks following an FBI investigation with international authorities, the US Department of Justice announced Wednesday.

Yaroslav Vasinskyi, 24, who also goes by the pseudonym Rabotnik, was found responsible for participating in over 2,500 REvil attacks that netted approximately $700 million. Vasinskyi and his collaborators attempted to launder the funds but ultimately failed, the DOJ says, adding that REvil affiliates try to launder their ransom payments through crypto swapping and mixing services. Vasinskyi now owes $16 million in restitution for his actions in addition to 13 years and seven months of prison time.

“The FBI’s close collaboration with our worldwide partners has again ensured that a cybercriminal who thought he was beyond our reach faces the consequences of his actions,” FBI Director Christopher Wray said in a statement. “We will continue to relentlessly pursue cyber criminals like Vasinskyi wherever they may hide, while we disrupt their criminal schemes, seize their money and infrastructure, and target their enablers and criminal associates to the fullest extent of the law.”

Ransomware attackers like Vasinskyi typically demand payment in cryptocurrencies like Bitcoin to release seized, encrypted victim data because crypto transactions can’t be reversed as easily as credit card payments. Crypto transactions are also harder, but still possible, to tie to a specific individual, especially when crypto is sent from wallet to wallet and funneled through platforms like Tornado Cash, a platform the US has also taken action against.

“Vasinskyi and his co-conspirators hacked into thousands of computers around the world and encrypted them with ransomware,” said Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Justice Department’s Criminal Division.

Vasinskyi’s sentencing has been years in the making. After REvil attackers hit over 200 businesses, President Biden ordered federal agencies to investigate the REvil attacks in July 2021. By November that year, the DOJ announced that Vasinskyi had been arrested at the Polish border and was being held for extradition to the US. By March 2022, Vasinskyi was extradited. In Texas, he pleaded guilty to 11 counts, including conspiracy to commit fraud and conspiracy to commit money laundering.

Unfortunately, ransomware attacks are on the rise and remain an ongoing threat for US businesses. Last year, ransomware netted cybercriminals over $1 billion, according to one report published earlier this year. The biggest attacks have targeted a range of organizations, from health insurance companies to video game studios. Leaked ransomware data often includes confidential employee or customer data, including full names and addresses, tax forms, and other sensitive information.

And there’s a slew of different cybercriminal groups out there in addition to REvil. Notably, the AlphV/Blackcat group that’s claimed responsibility for breaching UnitedHealthcare subsidiary Change Healthcare has put an estimated one-third of all Americans’ personal information at risk, UnitedHealth CEO Andrew Witty revealed this week. In the case of Change, attackers were able to get into its computer systems by exploiting a flaw in remote-access Citrix software, the executive said.
