Hacker Behind Kaseya Ransomware Attack Extradited

Uploaded on 2022-03-15 in FREE TO VIEW, GOVERNMENT-Law Enforcement, TECHNOLOGY--Hackers

An alleged key member of the REvil ransomware group, who federal authorities say is responsible for the Kaseya hack that encrypted thousands of its customers’ networks, has been arrested and extradited to Texas to face US charges.

Yaroslav Vasinskyi is accused of being connected to the Sodinokibi/REvil ransomware group. He was extradited and arraigned in a Dallas, Texas court on Wednesday March 9th. The US Justice Department (DOJ) said the 22-year-old was behind the July 2021 ransomware attack on Kaseya, which crippled hundreds of companies around the world for multiple days.

Vasinskyl was arrested at a border crossing in Dorohusk, a border town on the Polish and Ukrainian borders on October 8. Vasinskyl made his first court appearance and was arraigned recently.

The indictment by the DOJ said Vasinskyl was a part of the REvil ransomware gang since 2019 and had launched 2,500 attacks in addition to being responsible for the attack on Kaseya. The DOJ states he made $2.3million from ransoms from ransomware attacks.

He was charged with conspiracy to commit fraud and related activity in connection with computers, damage to protected computers, and conspiracy to commit money laundering. He will face a total of 115 years in prison if convicted on all charges. "The arrest of Yaroslav Vasinskyi, the charges against Yevgeniy Polyanin, and seizure of $6.1 million of his assets, and the arrests of two other Sodinokibi/REvil actors in Romania are the culmination of close collaboration with our international, US government, and especially our private sector partners," FBI Director Christopher Wray said.

"The FBI has worked creatively and relentlessly to counter the criminal hackers behind Sodinokibi/REvil."

REvil is responsible for deploying its ransomware on more than 175,000 computers. The group allegedly brought in at least $200 million from ransoms. For a long time, the REvil gang was known as one of the most prolific ransomware groups. In addition, the Russian-speaking "ransomware-as-a-service operation is allowing affiliates to rent certain access to their infrastructure as long as they get a share of the profits.

“Just eight months after committing his alleged ransomware attack on Kaseya from overseas, this defendant has arrived in a Dallas courtroom to face justice.. “When we are attacked, we will work with our partners here and abroad to go after cyber criminals, wherever they may be.” said US deputy attorney general Lisa Monaco in a statement.

US Dept. of Justice:    Oodaloop:    Techcrunch:    ZDNet:    TechTimes:    CyberNews:    Security Week:   

National Cybersecurity News

You Might Also Read: 

Russian Hackers Account For 74% Of Ransomware Proceeds:

 

« AI Fills In The Missing Gaps From Ancient Greece
Employees Blame Their Employer For Data Theft »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Barracuda

Barracuda

Barracuda provides a comprehensive cybersecurity platform to protect organizations from all major attack vectors that are present in today’s complex threats.

DataLocker

DataLocker

DataLocker offers both hardware based external storage and software based cloud storage encryption solutions.

IronScales

IronScales

IronScales combines human intelligence with machine learning to automatically prevent, detect and respond to email phishing attacks.

NNIT

NNIT

NNIT​ is one of Denmark’s leading consultancies in IT development, implementation and operations, including cyber security.

SCIPP International

SCIPP International

SCIPP’s courses are based on internationally recognized best business practices for security awareness, for both technical and non-technical staff and to comply with regulatory mandates.

Excelerate Systems

Excelerate Systems

Excelerate Systems is a leading provider of IT services with a focus on Big Data, Cloud Services and Security.

Mitre

Mitre

At Mitre we work across government to tackle challenges to the safety, stability, and well-being of our nation. Areas of expertise include Cybersecurity.

Basque Digital Innovation Hub (BDIH)

Basque Digital Innovation Hub (BDIH)

The aim of the BDIH initiative is to provide industrial enterprises, especially SMEs, with the technological capabilities needed to meet the challenges of industry 4.0.

Measured Insurance

Measured Insurance

Measured Insurance are bridging the gap between technology and Insurance using AI-Powered analytics that track clients’ exposure in real time to create smarter insurance products.

GateKeeper Enterprise

GateKeeper Enterprise

The GateKeeper Enterprise software is an identity access management solution. Automated proximity-based authentication into computers and websites. Passwordless login and auto-lock PCs.

Saepio Solutions

Saepio Solutions

Saepio promote an all-encompassing approach to cybersecurity, ensuring the appropriate balance of budget and resource across Policy, Product and People.

IronClad Encryption (ICE)

IronClad Encryption (ICE)

Ironclad Encryption is Dynamic Encryption. The encryption sequence changes continuously so there is never a correlation between data sent and data received.

Open Data Security (ODS)

Open Data Security (ODS)

Open Data Security is a market leader in the information security sector, offering services to companies, governments and individuals, helping them shield from hackers and cyber attacks.

Intaso

Intaso

Intaso are a boutique head hunting and talent solution firm with specialist Cyber and Information Security expertise.

Limes Security

Limes Security

Limes Security GmbH is the leading OT Security expert in the German-speaking region of Europe.

DOT Europe

DOT Europe

DOT Europe is a consensus based organisation which brings a diverse membership together to agree on their collective stance on EU tech policy.