May 2, 2024 at 10:50AM
Ukrainian national Yaroslav Vasinskyi, aka “Rabotnik,” was sentenced to 13 years and seven months in prison and ordered to pay $16 million in restitution for his involvement in the REvil ransomware operation. He and his co-conspirators conducted over 2,500 attacks and demanded over $700 million in ransom. Vasinskyi was linked to the Kaseya supply-chain ransomware attacks, which impacted over 1,500 companies worldwide. He was extradited to the US in March 2022 and pleaded guilty to an 11-count indictment. The US DoJ also announced the seizure of 39.89138522 Bitcoin and $6.1 million related to ransom payments and operations indirectly linked to Vasinskyi. REvil, one of the most successful ransomware operations, reached its peak in 2021 and shut down in October 2021 following increased law enforcement efforts in Russia.
Summary of Meeting Notes:
– Yaroslav Vasinskyi, also known as “Rabotnik,” a Ukrainian national, was sentenced to 13 years and seven months in prison and ordered to pay $16 million in restitution for his involvement in the REvil ransomware operation.
– He was involved in over 2,500 REvil (Sodinokibi) attacks demanding ransom payments surpassing $700 million and engaged in double extortion by threatening to leak corporate data if ransom was not paid.
– Vasinskyi was arrested in October 2021 while trying to enter Poland and was charged with conspiracy to commit fraud, intentional damage to a protected computer, and conspiracy to commit money laundering.
– He was linked to the Kaseya supply-chain ransomware attacks, impacting over 1,500 companies worldwide, using a zero-day flaw in the Kaseya VSA software.
– Vasinskyi pleaded guilty to the 11-count indictment and was sentenced to 13 years and seven months in prison, with a requirement to pay $16 million in restitution. Additionally, assets of 39.89138522 Bitcoin and $6.1 million related to ransom payments and operations indirectly linked to him were seized.
– The meeting also discussed REvil’s peak in 2021, including the Kaseya MSP supply-chain attack, a $50 million ransom demand from Acer, and blueprint leaks of unreleased Apple devices. The ransomware-as-a-service operation shut down in October 2021 following the hijacking of its Tor sites and increased law enforcement efforts in Russia, leading to several arrests.