Ukrainian REvil Ransomware Affiliate Gets 13 Years in US Prison

Yaroslav Vasinskyi was sentenced to 13 years and seven months in prison for his alleged role in the REvil ransomware operation. The post Ukrainian REvil Ransomware Affiliate Gets 13 Years in US Prison appeared first on SecurityWeek.

A Ukrainian national was sentenced to 13 years and seven months in prison in the US for his role in the REvil ransomware operation.

The man, Yaroslav Vasinskyi, 24, was arrested in Poland in October 2021, roughly four months after REvil, also known as Sodinokibi, was used in the massive attack on IT management software maker Kaseya, which impacted over 1,500 organizations. Vasinskyi was accused of being involved in the Kaseya attack. 

In March 2022, Vasinskyi was extradited to the US, where he had been charged with conspiracy to commit fraud, damage to protected computers, and conspiracy to commit money laundering. Vasinskyi pleaded guilty to the 11-count indictment.

According to court documents, Vasinskyi, also known as Rabotnik, launched over 2,500 attacks using the REvil ransomware, encrypting the data on victims’ computers, demanding a ransom from the victims in return for a decryption key, and laundering the proceeds using crypto exchanges and mixing services.

The Sodinokibi/REvil affiliates also stole victim data and used it for extortion, threatening to publish it online unless a ransom was paid. Vasinskyi and his co-conspirators allegedly demanded over $700 million in ransom payments from the victim organizations.

The US Department of Justice last year “obtained the final forfeiture of millions of dollars’ worth of ransom payments”, including 39 Bitcoin and $6.1 million in funds received by other members of the conspiracy.

In January 2022, Russia announced that it had cracked down on the REvil hacking group, that members of the ring had been charged, and that the group’s infrastructure had been liquidated, all at the request of the US.

New REvil implants continued to be seen months later, with some security researchers suggesting that the operation was likely returning, but that did not happen, at least not under the REvil name.
