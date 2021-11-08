

US charges 2 suspected major ransomware operators

By Associated Press
FOX40

WASHINGTON (AP) — A suspected Ukrainian hacker has been arrested and charged in the United States in connection with a string of costly ransomware attacks, including one that snarled businesses around the globe on the Fourth of July weekend, U.S. officials said Monday.

Yaroslav Vasinskyi was arrested last month after traveling to Poland, according to the Justice Department, which also announced the recovery of $6.1 million in ill-gotten funds from a Russian national who was separately charged and is wanted by law enforcement.

Both men are alleged to be affiliated with the Russia-based REvil ransomware gang, which has been blamed for hacks that have extorted at least $200 million in payments, said Attorney General Merrick Garland. Victims in the last year have included the world’s largest meat processor, JBS SA, and a software company called Kaseya, in a holiday weekend attack that the company said affected between 800 and 1,500 businesses.

The involvement of multiple agencies across the Biden administration amounted to perhaps the most high-profile response to date to a blitz of ransomware attacks that officials say continues to threaten national security and the economy. Deputy Attorney General Lisa Monaco appeared to foreshadow the announcement in an interview with The Associated Press last week, saying that “in the days and weeks to come, you’re going to see more arrests.”

Speaking at a news conference Monday, she said, “We have been using every tool at our disposal and leveraging every authority we have to hunt down and hold accountable cybercriminals wherever they seek to hide.”

The indictment accuses Vasinskyi, 22, of deploying REvil ransomware, also known as Sodinokibi, against victims around the world — including the massive Kaseya attack. Yevgeniy Polyanin, a Russian national, is charged in a separate indictment that accuses him of participating in a spate of attacks and leaving behind electronic notes on victims’ computers to help them make ransom payments and get their files decrypted.

Both indictments were filed in federal court in the Northern District of Texas, a state where REvil ransomware compromised the computer networks of some two dozen local government agencies in the summer of 2019.

The U.S. is seeking Vasinskyi’s extradition from Poland to Texas. Though it successfully recovered $6 million in ransomware payments from Polyanin, the FBI is continuing to seek his arrest, and the State Department on Monday announced a $10 million reward for anyone with information leading to the capture of any leaders of the REvil group.

The Treasury Department, meanwhile, announced sanctions against the pair as well as a virtual currency exchange, Chatex, that it said was used by ransomware gangs.

President Joe Biden commended the government’s actions, saying he was making good on his commitment to Russian leader Vladimir Putin that the U.S. would hold cyber criminals accountable. He said the U.S. was “bringing the full strength of the federal government to disrupt malicious cyber activity and actors” and to “bolster resilience at home.”

The announcement of the criminal charges came hours after European law enforcement officials revealed the results of a lengthy, 17-nation operation known as GoldDust. As part of that operation, Europol said, a total of seven hackers linked to REvil and another ransomware family have been arrested since February, including two last week by Romanian authorities.

The Justice Department has tried multiple ways to address a ransomware wave that it regards as a national security and economic threat. Arrests of foreign hackers are significant for the Justice Department since many of them operate in the refuge of countries that do not extradite their own citizens to the U.S. for prosecution.

“There’s lots of reasons why people travel, and I can’t get into the specific reasons why Mr. Vasinskyi traveled, but boy are we glad he did,” FBI Director Christopher Wray said Monday.

Even so, the ransomware threat has been hard to curb. Monaco told the AP last week that even since Biden’s admonitions to Putin last summer to rein in ransomware gangs, “we have not seen a material change in the landscape.”

Garland declined to answer directly when asked if there was evidence that the Russian government was aware of REvil’s activities, but said, “we expect and hope that any government where one of these ransomware actors is residing will do everything it can to provide that person to us for prosecution.”

The $6.1 million seizure in this case builds on a similar success from months ago.

The Justice Department in June seized $2.3 million in cryptocurrency from a payment made by Colonial Pipeline following a ransomware attack that caused the company to temporarily halt operations, creating fuel shortages in parts of the country.
