Ransomware is the digital equivalent of extortion in which cybercriminals encrypt users data and hold it hostage in exchange for a payment to recover the data; otherwise, the stolen information is published online or sold to other third parties.
Yaroslav Vasinskyi, a Ukrainian national linked to the Russia-based REvil ransomware group has been extradited to the United States to face charges in connection with the July file-encrypting malware attacks on several companies.
The 22-year-old had previously been arrested in Poland in October 2021, prompting the US Justice Department (DoJ) to file charges of conspiracy to commit fraud and related activity involving computers, damage to protected computers and conspiracy to commit money laundering.
Vasinskyi, who was brought to Dallas on March 3 as part of an extradition treaty between the United States and Poland had his charges formally read in the Northern District of Texas. Vasinskyi faces a total prison term of 115 years if convicted on all counts.
According to DOJ, in addition to the high-profile attacks on JBS and Kaseya, REvil is said to have infected over 175,000 computers, earning the group at least $200 million in virtual currency ransoms before going dark late last year.
The defendant is accused of deploying the Sodinokibi/REvil ransomware through a supply chain attack that targeted up to 1,500 Kaseya customers around the world and demanding a bitcoin ransom in exchange for regaining access to the locked files.
Finally the researchers concluded that ,”This defendant has arrived in a Dallas courtroom to face justice just eight months after allegedly committing his alleged ransomware attack on Kaseya from overseas . When we are attacked, we will work with our partners in the United States and abroad to pursue cybercriminals wherever they may be.“