Security News > 2021 > November > US amps up war on ransomware with charges against REvil attackers
On Monday, the US Department of Justice announced formal charges against two foreign nationals for their role in deploying REvil ransomware attacks against organizations throughout the country.
A 22-year-old Ukrainian national named Yaroslav Vasinskyi has been charged with multiple ransomware incidents, including the July 2021 attack against IT enterprise firm Kaseya.
Vasinskyi was arrested in Poland on October 8 and is now being held by authorities while awaiting extradition to the US. Also charged by the State Department is 28-year-old Russian national Yevgeniy Polyanin, who allegedly conducted Sodinokibi/REvil ransomware attacks against a variety of victims, including businesses and government agencies in Texas in 2019.
"The Sodinokibi/REvil ransomware group attacks companies and critical infrastructures around the world, and today's announcements showed how we will fight back. In another success for the department's recently launched Ransomware and Digital Extortion Task Force, criminals now know we will take away your profits, your ability to travel, and-ultimately-your freedom."
Those ties have challenged the Biden administration, which has been trying to convince Russian President Vladimir Putin to take a tougher stance against ransomware attackers.
"The most common way for attackers to steal login details is through mobile phishing where they can target employees across a plethora of personal and work apps. Whether it's SMS, email, social media, or third-party messaging platforms, attackers have grown adept at targeting us with social engineering attacks that convince us to log in to bogus platforms and unknowingly share our credentials. Once the attackers have access, they're free to move laterally around the infrastructure until they find the valuable data they desire."
News URL
Related news
- Ransom Cartel, Reveton ransomware owner arrested, charged in US (source)
- US accuses man of being 'elite' ransomware pioneer they've hunted for years (source)
- Alleged Karakut ransomware scumbag charged in US (source)
- US Marshals Service disputes ransomware gang's breach claims (source)
- Iran Cyber Attack: Fox Kitten Facilitates Ransomware in US (source)
- US sanctions crypto exchanges used by Russian ransomware gangs (source)