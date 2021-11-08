

US charges Kaseya hacker and seizes $6M from REvil ransomware gang

Carly Page

The U.S. Department of Justice (DOJ) has charged a 22-year-old Ukrainian citizen linked to the REvil ransomware gang for orchestrating the July ransomware attack against U.S. technology firm Kaseya. It has also seized more than $6 million in ransom tied to another member of the notorious ransomware group.

During a news conference on Monday, U.S. Attorney General Merrick Garland announced that Yaroslav Vasinskyi was arrested last month in Poland at the request of the U.S. government and is currently being held pending U.S. extradition proceedings. Vasinskyi, who used different names online to avoid detection, is accused of being a long-time affiliate of the now-defunct REvil ransomware operation and of deploying 2,500 attacks against businesses worldwide.

Most notably, Vasinskyi — whose ransom demands are said to have totalled $767 million — is accused of being involved in the high-profile attack on Kaseya, which impacted more than 1,500 businesses in the U.S. and carried a ransom demand of $70 million.

U.S. officials said they have also seized $6.1 million in connection with hacking campaigns linked to another REvil affiliate, Russian national Yevgeniy Polyanin, who is accused of conducting 3,000 ransomware attacks and extorting around $13 million from victims. Vasinskyi and Polyanin have both been charged with conspiracy to commit money laundering, conspiracy to commit fraud, and intentional damage to a protected computer.

“The Justice Department is sparing no resource to identify and bring to justice anyone, anywhere who targets the United States with a ransomware attack,” Garland said.

It's not just the hackers the U.S. government is going after, as the Treasury Department also today announced sanctions against the Chatex cryptocurrency exchange for facilitating ransom transactions.

Additionally, the State Department has announced a reward of up to $10 million "for information leading to the identification or location of any individual(s) who hold a key leadership position in the Sodinokibi/REvil ransomware variant transnational organized crime group," as well as up to $5 million for information leading to the arrest or conviction of any individual participating in a REvil variant ransomware incident.

Last week it announced a similar bounty for key information on the hackers behind the so-called DarkSide ransomware, which forced major U.S. fuel provider Colonial Pipeline to shut down for days in May. Prior to this, the U.S. recovered $2.3 million of the ransomware payment that Colonial Pipeline paid to the ransomware gang.

In the past five months, the DOJ's efforts have resulted in the arrest of seven REvil affiliates. European law enforcement agency Europol announced on Monday that two hackers who used the REvil ransomware to infect and attempt to extort as many as 5,000 victims had been arrested in Romania. The two unnamed individuals, who pocketed €500,000 (roughly $578,000) in ransom payments, were arrested on November 4, according to Europol. On the same day, Kuwaiti authorities also arrested a third REvil ransomware affiliate.

As well as Vasinskyi, who was arrested in October when trying to enter Poland from his native country, two other individuals believed to be REvil affiliates were apprehended in South Korea in February and April, law enforcement disclosed for the first time today.

“A total of seven suspects linked to the two ransomware families have been arrested since February 2021,” Europol said. “They are suspected of attacking about 7,000 victims in total.”

The arrests are the result of Operation GoldDust, which involved law enforcement agents from 17 countries, Europol, Eurojust, and Interpol. The operation also received support from the cybersecurity industry, including companies such as Bitdefender, KPN and McAfee. Researchers at Bitdefender provided technical insights throughout the investigation, along with decryption tools to help victims of ransomware attacks recover their files without having to pay the ransom.

According to Europol, the REvil decryption tools have helped more than 1,400 companies decrypt their networks following ransomware attacks, saving over €475 million ($550 million) from being paid to cybercriminals. According to U.S. officials, the entire REvil ransomware operation has received more than $200 million since it began operating.

These arrests are the latest in a string of operations by law enforcement targeting ransomware operations. Last month saw a Europol-led operation target 12 suspects in Ukraine and Switzerland believed to be behind LockerGoga, MegaCortex, Dharma and other ransomware attacks.
