REvil Ransomware Hacker Will get 13-year Sentence

Reading Time: 2 minutes

• A 24-year-dilapidated Ukrainian nationwide has got a 13-year sentence for deploying the REvil ransomware in over 2,500 attacks
• Yaroslav Vasinskyi, also diagnosed as Rabotnik, utilized the Sodinokibi/REvil variant to encrypt data on hundreds of computer programs
• He demanded over $700 million in cryptocurrency ransom payments, using a amount of how to cloak his booty

A 24-year-dilapidated Ukrainian nationwide has been handed a 13-year sentence for deploying the devastating REvil ransomware and using it in over 2,500 attacks. Yaroslav Vasinskyi, diagnosed online as Rabotnik, utilized the Sodinokibi/REvil ransomware variant to encrypt data on hundreds of sufferer computer programs, aiming to extort hefty ransom payments. Vasinskyi and his friends demanded over $700 million in cryptocurrency ransom payments, using cryptocurrency exchangers and mixing companies and products to cloak their earnings.

$700 Million Demanded

Vasinskyi and his fellow hackers planted the REvil malware on hundreds of computer programs in a spree lasting more than 5 years, encrypting data and rendering them inaccessible unless a ransom is paid. The gang would quiz of unprecedented sums exceeding $700 million in cryptocurrency from their victims, using sophisticated ways to cloak their ill-gotten good points. To add drive on their targets, they resorted to publicly disclosing sensitive data when ransom payments weren’t impending.

Vasinskyi became once arrested in November 2021 in terms of the ransomware attack on Miami-basically based IT firm Kaseya on July 2, 2021, which triggered the dissemination of REvil ransomware to “endpoints” within the future of Kaseya customer networks. This resulted within the encryption of data on computer programs belonging to organizations worldwide that utilized Kaseya instrument.

The defendants purportedly embedded electronic notes within the score of textual boom material recordsdata on the victims’ computer programs following the deployment of Sodinokibi/REvil ransomware. These notes contained an online address directing victims to an originate-source privateness network diagnosed as Tor, in conjunction with a link to a publicly accessible net direct where they might per chance well also originate file recovery.

Upon getting access to both net direct, victims had been offered with a ransom quiz of and supplied with a digital currency address for fee. Compliance with the ransom quiz of most frequently resulted within the defendants offering the decryption key, allowing victims to glean score admission to to their recordsdata. Nevertheless, failure to pay in total ended in the defendants both publicly disclosing the stolen data or claiming to fetch offered it to 3rd parties, leaving victims unable to retrieve their recordsdata.

Ransomware Clampdown Led to Arrest

One other principal attacks using this malware had been on Travelex in 2020 and meat giant JBS in 2021with the latter coming after Colonial Pipeline paid $4.5 million to glean score admission to to its computer programs (85% of this became once recovered). This ended in US President Joe Biden calling for a clampdown on such actions.

Vasinskyi became once sentenced to 13 years and seven months in detention center and ordered to pay over $16 million in restitution.