US charges 2 suspected major ransomware operators – KIRO 7 News Seattle


WASHINGTON – (AP) – A suspected Ukrainian hacker was arrested and charged in the US in connection with a number of costly ransomware attacks, including one that disrupted businesses around the world on the weekend of July 4th, US officials said Monday.

Yaroslav Vasinskyi was arrested last month after traveling to Poland, according to the Justice Department, which also announced the recovery of $6.1 million in ill-gotten funds from a Russian national who has been separately charged and is wanted by law enforcement agencies.

Both men are said to be linked to the Russia-based ransomware gang REvil, which has been blamed for hacks that extorted payments of at least $200 million, Attorney General Merrick Garland said. Victims last year included the world’s largest meat processor, JBS SA, and a software company called Kaseya, in an attack over the weekend that the company said affected between 800 and 1,500 companies.

The involvement of multiple agencies across the Biden administration was perhaps the best-known response to a spate of ransomware attacks that officials say continue to threaten national security and the economy. Assistant Attorney General Lisa Monaco appeared to anticipate the announcement in an interview with The Associated Press last week, saying that “more arrests will occur in the coming days and weeks”.

At a press conference on Monday, she said: “We have used every tool and authority at our disposal to hunt down and hold cyber criminals accountable wherever they want to hide.”

The prosecution accuses Vasinskyi (22) of using the ransomware REvil, also known as Sodinokibi, against victims around the world – including the massive attack on Kaseya. Yevgeny Polyanin, a Russian citizen, is charged in a separate indictment alleging that he participated in a spate of attacks and left electronic notes on victims’ computers to help them pay ransom and decrypt their files.

Both charges were brought in federal court in the Northern District of Texas, a state where REvil ransomware compromised the computer networks of about two dozen local government agencies in the summer of 2019.

The US is demanding Vasinskyi’s extradition from Poland to Texas. Despite successfully recovering $6 million in ransomware payments from Polyanin, the FBI continues to pursue his arrest, and the State Department on Monday announced a $10 million reward for anyone providing information leading to the arrest of leaders of the REvil group.

The Treasury Department, meanwhile, announced sanctions against the pair and said that a virtual currency exchange, Chatex, was being used by ransomware gangs.

President Joe Biden praised the government’s actions, saying he was keeping his promise to Russian leader Vladimir Putin that the US would hold cybercriminals accountable. He said the US would “use all the strength of the federal government to disrupt malicious cyber activity and actors” and “build resilience in the home.”

The criminal charges were announced hours after European law enforcement agencies announced the results of a lengthy 17-nation operation called GoldDust. As part of this operation, a total of seven hackers linked to REvil and another ransomware family have been arrested since February, including two by Romanian authorities last week.

The Justice Department has tried several avenues to combat a wave of ransomware it sees as a threat to national security and the economy. The arrests of foreign hackers are significant to the Department of Justice because many of them operate from the safe haven of countries that do not extradite their own citizens to the US for prosecution.

“There are many reasons people travel, and I can’t go into the specific reasons Mr. Vasinskyi traveled, but boy are we glad he did,” FBI Director Christopher Wray said Monday.

Even so, the ransomware threat was difficult to contain. Monaco told the AP last week that even since Biden’s admonitions to Putin last summer to curb ransomware gangs, “we haven’t seen any significant change in the landscape.”

Garland declined to answer directly when asked if there was any evidence that the Russian government knew about REvil’s activities, but said, “We expect and hope that any government in which these ransomware actors reside will do everything in their power to provide that person to us for the indictment.”

The $6.1 million seizure in this case builds on a similar success from months ago.

The Justice Department seized 2.3 million in June.

___

Suderman reported from Richmond, Virginia. Associated Press writer Jake Bleiberg in Dallas contributed to this report.

____

Follow Eric Tucker on Twitter at http://www.twitter.com/etuckerAP.


https://www.kiro7.com/news/politics/us-charges-2/AKNLDKDOH2AWPXHQBQQXXNBS6Q/