According to US officials, a suspected Ukrainian hacker has been detained and prosecuted in the United States in connection with a series of costly ransomware attacks, including one that wreaked havoc on businesses around the world over the Fourth of July weekend.
According to the Justice Department, Yaroslav Vasinskyi was detained last month after going to Poland. The department also announced the seizure of $6.1 million in ill-gotten gains from a Russian national who was accused separately and is still being sought by the FBI.
Both individuals are suspected of being members of the well-known Russian ransomware gang REvil, whose attacks have infected tens of thousands of machines throughout the world and resulted in at least $200 million in ransom payments, according to Attorney General Merrick Garland. JBS SA, the world’s largest meat processor, and Kaseya, a technology company that was struck in a holiday weekend attack in July that affected between 800 and 1,500 businesses that relied on its software, were among the victims.
Russian national Yevgeniy Polyanin is charged in a separate indictment. He's suspected of launching more than 3,000 ransomware attacks on businesses and government agencies across the United States, including law enforcement and municipal governments in Texas.
Both indictments were filed in federal court in the Northern District of Texas, where the REvil ransomware infected the computer networks of more than two dozen municipal governments in the summer of 2019.
The US is seeking Vasinskyi's extradition from Poland. Although the FBI was able to confiscate $6 million in ransomware payments from Polyanin, it is still looking for him, and the State Department issued a $10 million reward on Monday for anybody with information leading to the detention of any REvil gang leaders.
Meanwhile, the Treasury Department imposed sanctions on the duo as well as Chatex, a virtual currency exchange that it claims was used to support ransomware groups’ financial activities.
The Justice Department has tried a number of approaches to combat the ransomware epidemic, which has expanded in recent months with attacks on essential infrastructure and large organisations. Arrests of foreign hackers are significant and unusual for the Justice Department, as many of them operate in nations that do not extradite their own nationals to the United States for punishment.
Despite this, ransomware attacks, in which hackers steal and encrypt data before demanding exorbitant sums to release it to victims, have proven difficult to stop. Since Biden's exhortation to Putin last summer to rein in ransomware gangs, Monaco told the Associated Press this week.
The seizure of $6.1 million in this case follows a similar accomplishment a few months earlier.
Federal officials confiscated $2.3 million in cryptocurrency from a payment made by Colonial Pipeline in June, following a ransomware attack that prompted the firm to briefly suspend operations, causing gasoline shortages in parts of the nation.
Officials from the Justice Department also used Monday’s press conference to call on Congress to establish a national standard for reporting major cyber events and to mandate that such information be shared with federal law enforcement quickly.