On Wednesday, Yaroslav Vasinskyi was extradited and arraigned in a Dallas, Texas, court. He is suspected of being linked to the Sodinokibi/REvil ransomware organization. In November, the Justice Department announced that the 22-year-old was responsible for the July 2021 ransomware attack against Kaseya, which paralyzed hundreds of businesses around the world for days.
According to CyberScoop, Vasinskyi was detained on October 8 at a border crossing in Dorohusk, a Polish-Ukrainian border town. Vasinskyi appeared in court for the first time today and was arraigned in the Northern District of Texas. The DOJ disclosed that Vasinskyi was transferred to Dallas on March 3.
According to an August indictment, Vasinskyi was responsible for the attack on Kaseya and numerous other firms. REvil was also accused of being behind the ransomware assault on JBS, which paid the attackers $11 million in Bitcoin in return for the key to break the network’s encryption.
Garland revealed that Vasinskyi, who used the online handle “Rabotnik,” was one of the masterminds of the REvil ransomware. The DOJ indictment states that Vasinskyi has been a member of the REvil ransomware group since at least 2019 and has carried out at least 2,500 attacks. The DOJ said that he made $2.3 million from ransoms after seeking over $760 million in all.
He faces charges of conspiracy to commit fraud and related activity involving computers, as well as damage to protected systems and money laundering. If convicted on all counts, he faces a total sentence of 115 years in jail. The arrest of Vasinskyi in November was followed by the confiscation of $6.1 million in funds linked to suspected ransom payments made by Yevgeniy Polyanin, a 28-year-old Russian national. Polyanin was also accused of being a Sodinokibi/REvil gang member.
The REvil ransomware gang, which went underground for the second time in October, was disrupted by law enforcement personnel from several nations. Following raids by Russia’s Federal Security Service (FSB) in January, suspected members of the organization were also arrested. According to the US Department of Justice, REvil is responsible for spreading its ransomware on more than 175,000 devices, in addition to the high-profile attacks on Kaseya and JBS. Ransom payments have brought the gang at least $200 million.