Security News > 2022 > March > Ukrainian Hacker Linked to REvil Ransomware Attacks Extradited to United States

Yaroslav Vasinskyi, a Ukrainian national, linked to the Russia-based REvil ransomware group has been extradited to the U.S. to face charges for his role in carrying out the file-encrypting malware attacks against several companies, including Kaseya last July.
The 22-year-old had been previously arrested in Poland in October 2021, prompting the U.S. Justice Department to file charges of conspiracy to commit fraud and related activity in connection with computers, damage to protected computers, and conspiracy to commit money laundering.
Ransomware is the digital equivalent of extortion wherein cybercrime actors encrypt victims' data and take it hostage in return for a monetary payment to recover the data, failing which the stolen information is published online or sold to other third-parties.
According to the DoJ, in addition to the headline-grabbing attacks on JBS and Kaseya, REvil is said to have propagated its infection to more than 175,000 computers, netting the group at least $200 million paid in virtual currency ransoms.
According to the indictment, the defendant is alleged to be responsible for deploying the Sodinokibi/REvil ransomware via a supply chain attack that targeted as many as 1,500 customers of Kaseya across the globe and demanding a bitcoin ransom in exchange for gaining back access to the locked files.
"Just eight months after committing his alleged ransomware attack on Kaseya from overseas, this defendant has arrived in a Dallas courtroom to face justice," said Deputy Attorney General Lisa O. Monaco.
News URL
https://thehackernews.com/2022/03/ukrainian-hacker-linked-to-revil.html
Related news
- TechRepublic EXCLUSIVE: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure” (source)
- Ukrainian extradited to US for Nefilim ransomware attacks (source)
- Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom (source)
- Suspected LockBit ransomware dev extradited to United States (source)
- Ransomware gang creates tool to automate VPN brute-force attacks (source)
- SANS Institute Warns of Novel Cloud-Native Ransomware Attacks (source)
- ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More (source)
- BlackLock ransomware claims nearly 50 attacks in two months (source)
- New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)