Cyber Crime

Ukrainian Hacker Part Of REvil Ransomware Gang Facing Trail In US

Published

2 years ago

March 11, 2022

US Puts Up $10 Million Bounty For Information On DarkSide Ransomware Gang

A Ukrainian individual has been accused of ransomware attacks on American companies, including the devastating strikes on Kaseya, a Florida-based software vendor, in July 2021, for which the group wanted a whopping $70 million ransom. The trial of the defendants has begun in the Northern District of Texas.

Yaroslav Vasinskyi, a 22-year-old Ukrainian, is currently on trial in the United States. According to the US Department of Justice (DoJ), the accused gained access to various firms’ internal computer networks and used REvil (also known as Sodinokibi) ransomware to encrypt data.

Vasinskyi was extradited to the United States when his name appeared in a court indictment in August 2021 for carrying out some of the most catastrophic ransomware attacks against US companies.

Meet Yaroslav Vasinskyi ("Mr Rabotnik"), aged 22. He was an affiliate of REvil and is believed to be involved in the Kaseya supply chain attack.

“If they tell you nasty things about me, believe every word,” -Yaroslav Vasinskyi

*Images of Yaroslav when he was approx. 19 pic.twitter.com/dK6SoVldTM
— vx-underground (@vxunderground) November 8, 2021

The accused was apprehended in Poland in October 2021 and taken to Dallas, Texas, in March. At the time of his detention, authorities recovered $6 million from him, which they believe came from ransom payments.

Vasinskyi broke into Kaseya’s internal networks over the 4th of July weekend in 2021, according to a news statement issued by the Department of Justice on March 9th, 2022. The accused, together with his accomplices, disseminated REvil ransomware to at least 1,500 Kaseya clients, encrypting their data and forcing them to shut down their systems for days.

The accused left notes on the victims’ computers, including a web address that guided them to a Tor network URL where they could retrieve their files after paying the ransom in virtual money. Only those who paid the ransom received the decryption key, while those who did not were punished by either exposing the stolen material online or selling it to third parties.

Hundreds of supermarkets remained closed in Sweden and New Zealand because their cash registers were made unworkable, while schools and kindergartens went offline, despite the fact that the 1,500 businesses impacted sensed only a minor threat.

Follow The420.in on

The420.in

Ukrainian Hacker Part Of REvil Ransomware Gang Facing Trail In US

You may like