The US government will attempt to extradite a Ukrainian citizen from Poland who is accused of being behind the July 2, 2021 REvil (also known as Sodinokibi) ransomware attack on Kaseya, in an evolving global crackdown on the cybercrime syndicate that has seen too two gang members arrested in Romania.
In an August indictment, which was unsealed by US Attorney General Merrick Garland of the Justice Department (DoJ) in Washington DC on Monday, November 8, Yaroslav Vasinskyi, 22, who is currently on remand, has been charged with several cybercrimes. He was arrested on October 8 while attempting to cross the border from Ukraine to Poland after the US issued an international arrest warrant.
“Cybercrime is a serious threat to our country – our personal safety, the health of our economy and our national security,” said Garland. “Our message today is clear. The United States, along with our allies, will do everything in our power to identify the perpetrators of ransomware attacks, bring them to justice, and recover the funds they stole from their victims. “
At the same time, the US Department of Justice announced the seizure of 6 million in a series of 3,000 REvil ransomware attacks in the US.
“Our message to ransomware criminals is clear: If you target victims here, we will target you,” said US Assistant Attorney General Lisa Monaco.
“The Sodinokibi / REvil ransomware group is targeting businesses and critical infrastructures around the world, and today’s announcements have shown how we will fight back. Another achievement for the recently launched department Task Force Ransomware and Digital Extortion, criminals now know that we are stealing your profits, your ability to travel and, ultimately, your freedom.
“Together with our partners at home and abroad, the department will continue to dismantle ransomware groups and disrupt the cybercriminal ecosystem that enables ransomware to exist and threaten us all.”
Both Vasinskyi and Polyanin face separate charges of conspiracy to commit computer fraud, damage to protected computers and conspiracy to commit money laundering. If convicted, men face maximum sentences of 115 and 145 years’ imprisonment.
Rapid7 Chief data scientist Bob Rudis said: “REvil did massive damage while serving as the ‘Amazon’ of criminals Ransomware-as-a-Service [RaaS] Operator. The Kaseya attack enabled by their platform was not a minor event, causing havoc in both meatspace and cyberspace, affecting families, schools, communities, healthcare providers, small businesses, and large corporations around the world.
“It is encouraging to see what can be done when policy meets empowerment and authorities have support and resources to take decisive action. I hope that as more criminals are caught and prosecuted and their ill-gotten gains restored, attackers will finally switch to other, less risky business models or disappear altogether, but this is more of a dream problem than probability. “
The US State Department today received a $ 10 million bounty in a REvil attack. This is the second reward the US government has offered for information about ransomware operators. after targeting the DarkSide group last week.
Meanwhile, the US Treasury Department’s Office of Foreign Asset Control (Ofac) has named both Vasinskyi and Polyanin for their roles in multiple REvil attacks on US targets, as well as a polyanin-owned company. This means that their property or property interests, which are subject to US jurisdiction, have been blocked and US citizens are prohibited from transacting with them, while financial institutions who come in contact with them may face sanctions or law enforcement.
In another move, Ofac has also designated the cryptocurrency exchange Chatex to facilitate financial transactions for several ransomware operators and three other entities – Izibits Ou, Chatextech SIA and Hightrade Finance – to provide material support and support for Chatex, including setting up its IT infrastructure .
“Ransomware groups and criminal organizations have targeted American companies and public institutions of all sizes and sectors to undermine the backbone of our economies,” said Assistant Treasury Secretary Wally Adeyemo.
“We will continue to place all agencies available to the Treasury Department to disrupt, deter, and prevent future threats to the United States economy. This has the highest priority for the Biden administration. “
#USA #extradite #REvil #subsidiary #Kaseya #attacked