Security News > 2022 > June > Ex-Canadian Government Employee Pleads Guilty Over NetWalker Ransomware Attacks
A former Canadian government employee this week agreed to plead guilty in the U.S. to charges related to his involvement with the NetWalker ransomware syndicate.
The 34-year-old IT consultant from Gatineau, Quebec, was initially apprehended in January 2021 following a coordinated law enforcement operation to dismantle the dark web infrastructure used by the NetWalker ransomware cybercrime group to publish data siphoned from its victims.
In February 2022, the Ontario Court of Justice sentenced him to six years and eight months in prison after he pleaded guilty to five criminal charges prior to his extradition to the U.S. Stating that the defendant "Excelled at what he did," the court said that the individual "Even improved upon the ransom messages used by NetWalker affiliates and eventually convinced the creator of NetWalker to use 'mixing services' to disguise funds paid for ransoms in Bitcoin." The ruling also called him "Good-looking, presentable, and instantly likeable."
Attacks mounted by the NetWalker gang are believed to have targeted dozens of victims all over the world, specifically singling out the healthcare sector during the COVID-19 pandemic in an attempt to capitalize on the global crisis opportunistically.
Vachon-Desjardins, in his capacity as one of the 100 affiliates for the NetWalker gang, is suspected to be linked to at least 91 attacks since April 2020, in addition to working for other RaaS groups like Sodinokibi, Suncrypt, and Ragnarlocker.
According to court documents filed a district court in Florida, the NetWalker crew amassed 5,058 bitcoin in illegal payments, with Vachon-Desjardins named as "One of the most prolific NetWalker ransomware affiliates" and responsible for the extortion of about 1,864 bitcoin.
News URL
https://thehackernews.com/2022/06/ex-canadian-government-employee-pleads.html
Related news
- Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)
- Canadian Suspect Arrested Over Snowflake Customer Breach and Extortion Attacks (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- New Ymir ransomware partners with RustyStealer in attacks (source)
- New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks (source)