The IT Nerd

I’ve been saying for a very long time that people behind cybercrimes need to be brought to justice 100% of the time. Now I finally get my wish. The U.S. Department of Justice announced that alleged REvil ransomware affiliate, Yaroslav Vasinskyi, was extradited to the United States last week to stand trial for the Kaseya cyberattack:

According to the indictment, Vasinskyi was allegedly responsible for the July 2, 2021, ransomware attack against Kaseya. In the alleged attack against Kaseya, Vasinskyi caused the deployment of malicious Sodinokibi/REvil code throughout a Kaseya product that caused the Kaseya production functionality to deploy REvil ransomware to “endpoints” on Kaseya customer networks. After the remote access to Kaseya endpoints was established, the ransomware was executed on those computers, which resulted in the encryption of data on computers of organizations around the world that used Kaseya software.

Through the deployment of Sodinokibi/REvil ransomware, the defendant allegedly left electronic notes in the form of a text file on the victims’ computers. The notes included a web address leading to an open-source privacy network known as Tor, as well as the link to a publicly accessible website address the victims could visit to recover their files. Upon visiting either website, victims were given a ransom demand and provided a virtual currency address to use to pay the ransom. If a victim paid the ransom, the defendant provided the decryption key and the victim then was able to access their files. If a victim did not pay the ransom, the defendant typically posted the victim’s stolen data or claimed they sold the stolen data to third parties, and victims remained unable to access their files.

Vasinskyi is charged with conspiracy to commit fraud and related activity in connection with computers, damage to protected computers, and conspiracy to commit money laundering. If convicted of all counts, he faces a total penalty of 115 years in prison. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

Vasinskyi, a Ukrainian national with ties to a ransomware group linked to Russia-based actors, was taken into custody in Poland where he remained held by authorities pending proceedings in connection with his requested extradition to the United States, pursuant to the extradition treaty between the United States and the Republic of Poland. Vasinskyi was transported to Dallas by U.S. law enforcement authorities where he arrived on March 3. He made his initial court appearance and was arraigned today in the Northern District of Texas.

Nice! Hopefully others get their day in court so that they can get the punishment that they deserve. Because these sorts of crimes should never go unpunished.

This entry was posted on March 12, 2022 at 10:20 am and is filed under Commentary with tags Crime. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.