Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million

Might 02, 2024NewsroomRansomware / Cyber Crime

A Ukrainian nationwide has been sentenced to greater than 13 years in jail and ordered to pay $16 million in restitution for finishing up hundreds of ransomware assaults and extorting victims.

Yaroslav Vasinskyi (aka Rabotnik), 24, alongside along with his co-conspirators a part of the REvil ransomware group orchestrated greater than 2,500 ransomware assaults and demanded ransom funds in cryptocurrency totaling greater than $700 million.

“The co-conspirators demanded ransom payments in cryptocurrency and used cryptocurrency exchangers and mixing services to hide their ill-gotten gains,” the U.S. Division of Justice (DoJ) stated.

Cybersecurity

“To drive their ransom demands higher, Sodinokibi/REvil co-conspirators also publicly exposed their victims’ data when victims would not pay ransom demands.”

Vasinskyi was extradited to the U.S. in March 2022 following his arrest in Poland in October 2021. REvil, previous to formally going offline in late 2021, was accountable for a sequence of high-profile assaults on JBS and Kaseya.

He beforehand pleaded responsible within the Northern District of Texas to an 11-count indictment charging him with conspiracy to commit fraud and associated exercise in reference to computer systems, injury to protected computer systems, and conspiracy to commit cash laundering.

The Justice Division stated it additionally obtained the ultimate forfeiture of hundreds of thousands of {dollars}’ price of ransom funds obtained by two associated civil forfeiture instances in 2023. This consists of 39.89138522 Bitcoin and $6.1 million in U.S. greenback funds which were traced again to alleged ransom funds acquired by different members of the conspiracy.

Vasinskyi, alongside Russian nationwide Yevgeniy Polyanin, was sanctioned by the U.S. Division of the Treasury’s Workplace of Overseas Property Management (OFAC) in November 2021 as a part of broader government-wide efforts to fight ransomware.

Cybersecurity

The event comes weeks after the DoJ indicted a 37-year-old Moldovan nationwide, Alexander Lefterov (aka Alipako, Uptime, and Alipatime), for working a botnet comprising hundreds of contaminated computer systems throughout the U.S. from March 2021 by November 2021, which have been then monetized by promoting the entry to different menace actors to distribute malware, together with ransomware.

“Lefterov and his co-conspirators stole victims’ login credentials – i.e., usernames and passwords—from the infected computers and then used the credentials to gain access to victim accounts at financial institutions, payment processers, and retail establishments as means to steal money from the victims,” the company stated.

Court docket paperwork present that the compromised computer systems could possibly be accessed straight utilizing a hidden digital community computing (hVNC) server with out the victims’ information, thereby permitting Lefterov et al to register to their on-line accounts.

Discovered this text attention-grabbing? Comply with us on Twitter and LinkedIn to learn extra unique content material we submit.

Recent articles

Patch Alert: Essential Apache Struts Flaw Discovered, Exploitation Makes an attempt Detected

Dec 18, 2024Ravie LakshmananCyber Assault / Vulnerability Risk actors are...

Meta Fined €251 Million for 2018 Knowledge Breach Impacting 29 Million Accounts

Dec 18, 2024Ravie LakshmananKnowledge Breach / Privateness Meta Platforms, the...