Security News > 2021 > January > US charges NetWalker ransomware affiliate, seizes ransom payments

The U.S. Justice Department announced today the disruption of the Netwalker ransomware operation and the indictment of a Canadian national for alleged involvement in the file-encrypting extortion attacks.
Earlier today, BleepingComputer reported that law enforcement in the U.S. and Bulgaria seized Netwalker sites on the dark web used for leaking data from non-paying victims and for negotiating payments for data decryption.
Despite starting in late 2019, Netwalker ransomware operation caused financial losses of tens of millions of US dollars.
Apart from seizing the dark web sites, the DOJ says that Canadian national Sebastien Vachon-Desjardins of Gatineau was charged in relation to Netwalker ransomware attacks.
On January 10, law enforcement was able to seize a little over $450,000 in cryptocurrency that represented ransom payments from three distinct Netwalker victims.
Incident responders from Crypsis, a Palo Alto Networks company, told BleepingComputer that in the case of three U.S. organizations Netwalker asked for cryptocurrency worth $108,000 from a public entity, a little over $2 million from a utilities organization, and $1 million from a manufacturing business.
News URL
Related news
- All your 8Base are belong to us: Ransomware crew busted in global sting (source)
- US sanctions LockBit ransomware’s bulletproof hosting provider (source)
- US indicts 8Base ransomware operators for Phobos encryption attacks (source)
- US newspaper publisher uses linguistic gymnastics to avoid saying its outage was due to ransomware (source)
- Fake BianLian ransom notes mailed to US CEOs in postal mail scam (source)
- Medusa Ransomware Hits 40+ Victims in 2025, Demands $100K–$15M Ransom (source)
- US seizes domain of Garantex crypto exchange used by ransomware gangs (source)
- Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom (source)