Security News > 2021 > November > Ukrainian cuffed, faces extradition to US for allegedly orchestrating Kaseya ransomware infection

In a major ransomware bust US and European authorities on Monday announced separate but related indictments and arrests linked to extortionware attacks on IT service provider Kaseya and other firms.

Europol said Romanian police last week arrested two individuals suspected of involvement in cyberattacks that utilized the Sodinokibi/REvil ransomware.

In February, Euro cops nabbed three other individuals said to be affiliated with Sodinokibi/REvil and two people suspected of involvement with a ransomware family known as GandCrab.

The US Justice Department on Monday held a press conference at which officials announced the seizure of $6.1m in ransomware payments and the indictment of two individuals, Ukrainian national Yaroslav Vasinskyi and Russian national Yevgeniy Polyanin, for allegedly conducting Sodinokibi/REvil attacks.

The US Department of State on Monday announced "a reward of up to $10m for information leading to the identification or location of any individual holding a key leadership position in the Sodinokibi ransomware variant transnational organized crime group." And there's an additional $5m offered for information that leads to an arrest and/or conviction.

The State Department last week made a similar $10m/$5m reward offer for information leading to the identification of location and to the arrest and/or conviction of the leaders of the DarkSide ransomware operation, which is said to have been used to attack the Colonial Pipeline Company in May 2021.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/11/08/revil_ransomware_operators/