Two suspected hackers were arrested and seized by law enforcement officers in connection to a series of ransomware attacks that targeted businesses over the Fourth of July weekend. Officials from the United States announced this Monday.
Attorney General Merrick Galrland filed charges against Ukrainian Yaroslav Varsinskyi (22) and Russian Yevgeniy Poloanin (28).
These men are being accused of belonging to the REvil ransomware gang.
The President Joe Biden praised the actions and stated that he would continue to hold those who threaten U.S. Security accountable.
He stated, “When I met in June with President Putin, I made it clear that the United States will take steps to hold cybercriminals responsible.”
‘That’s what we have done today.
“We bring all the strength and resources of the federal government in order to stop malicious cyber activity, actors and bolster resilience at the home, to address the use of virtual currencies to launder ransom money, to leverage international cooperation and disrupt ransomware ecosystems and provide safe harbours to ransomware criminals.
AG Merrick Garland claimed that: “The Justice Department spares no resources to identify and bring into justice anyone, anywhere, who targets the United States using a ransomware assault.”
Merrick Garland, Attorney General, announced Monday that charges were filed against Yaroslav Vasinskyi (Ukraine), and Yevgeniy Poloanin (Russia), 28
Biden expressed appreciation for the steps and stated that work will continue to hold those who threaten the U.S. security accountable.
At a press conference earlier, Garland said: ‘The Justice Department is sparing no resource to identify and bring to justice anyone, anywhere who targets the United States with a ransomware attack.’
The Treasury Department also announced sanctions against the pair and a virtual currency exchange, Chatex, which it said was used by criminal gangs.
REvil – also known as Sodinokibi – has been linked in recent months to ransomware targeting the world’s largest meat processor, JBS SA, as well as a Fourth of July weekend attack that snarled businesses around the world through a breach of a Florida-based software company called Kaseya.
Court documents state that Vasinskyi is alleged to have been responsible for Kaseya’s attack, which encrypted data from computers around the globe.
Notes in text files were left by the defendants on computers. They also included web addresses. A ransom was demanded from the victims to obtain a virtual currency account.
The ransom was paid by the victim and then the decryption keys were provided by the defendants so that the victims could access their files.
If a victim did not, the defendants typically posted the victims’ stolen data or claimed they sold the stolen data to third parties, and victims were unable to access their files.
‘Ransomware can cripple a business in a matter of minutes,’ said Acting U.S. Attorney Chad E. Meacham for the Northern District of Texas.
‘These two defendants deployed some of the internet’s most virulent code, authored by REvil, to hijack victim computers.’
The officials also revealed that they had seized $6.1 Million in ransom money traceable back to Polyanin’s alleged ransom payments. Polyanin is accused of launching attacks on Texas around Aug. 16, 2019.
European law enforcement officers announced Monday that two more ransomware operators were arrested with links to REvil Romania.
A ransomware attack that the Justice Department considers a national security threat has been addressed by multiple agencies.
The Justice Department is concerned about the arrest of foreign hackers because many are operating in refuge countries where they cannot be extradited to the U.S.
Hackers attacked the systems of more than a million businesses on almost every continent, demanding $70million to repair the damage.
Hacking group REvil attacked New Zealand’s schools and Swedish grocery stores on Friday, after infiltrating the US-based Kaseya software company.
Kaseya stated that just a dozen customers were directly affected. However, knock-on effect caused at least 17 firms in the US to collapse. Experts also said that the attack was unprecedented in scale and sophistication.
A month earlier, the same group attacked the world’s largest meatpacking company JBS, disrupting production in North America and Australia.
Christopher Wray, FBI Director, stated Monday that the FBI had worked tirelessly and creatively against criminal hackers like Sodinokibi/REvil.
Ransomware and similar groups pose an unacceptable risk to our safety as well as our economic wellbeing.
“We will continue targeting their facilitators and actors, their infrastructure and their money wherever they may be.”