Sebastien Vachon-Desjardins — a former Canadian government IT professional — was charged with conspiracy to commit computer and wire fraud, and other offenses in a federal court in Florida, the US Department of Justice said Friday.
The Royal Canadian Mounted Police (RCMP) raided Vachon-Desjardins’s home and seized 719 bitcoins worth more than $28 million, or 790,000 in Canadian currency.
Prosecutors claim he used the “NetWalker” ransomware to target businesses, municipalities, hospitals, and law enforcement during the height of the COVID-19 pandemic.
The arrest comes amid a global crackdown on ransomware. In November, US President Joe Biden promised to use “the full strength of the federal government” to disrupt malicious cyber activity.
Several large-scale operations have since brought down ransomware groups such as Russia-based REvil and other related hacking groups.
Bitcoin As Ransomware Payment
The cybersecurity community increasingly cites bitcoin and other cryptocurrencies as a significant enabler of ransomware attacks.
Suspected ransomware payments totaling $590 million were made in the first six months of 2021 and have continued to exceed estimates since the early months of 2022, US authorities said.
Another major trend that appears to be driving the increase in ransomware attacks this year is the influx of ransomware-as-a-service offerings from affiliated ransomware groups around the world.
Though the anonymity of cryptocurrency makes it an obvious way for criminals to obtain and conceal funds, tighter regulation or a ban on blockchain-based currencies is unlikely to stop the tide of attacks.
Ransomware and cryptocurrencies appear inseparably linked, with attackers almost always demanding payment in digital currencies.
Extradited From Canada
According to the US Department of Justice, Vachon-Desjardins was extradited to the US from Canada to “face charges in connection with dozens of ransomware assaults that resulted in the payment of tens of millions of dollars in ransoms.”
According to the DOJ, Sebastien “conspired to and did purposefully harm a protected computer and transmit a ransom demand in connection with doing so” from April to December 2020.
In January of last year, the Justice Department started a concerted international law enforcement operation to dismantle the NetWalker ransomware gang.
NetWalker, also known as “Mailto,” is a large-scale ransomware-as-a-service (RaaS) operation that recruits affiliates to deploy ransomware in exchange for a considerable cut of the ransom payment. The group emerged in 2019 and has been linked to many high-profile attacks.
The famed ransomware infiltrates specific networks and encrypts all Windows devices connected to them.
It renders devices and correlated networks temporarily inoperable until the victims have paid the ransom for the return of their data files, as well as access to their computers and networks.
It is distributed via various channels, including websites, social media, instant messages, email attachments, and other modes of communication.
NetWalker’s operators encrypt victims’ computers and demand ransoms ranging from $1,000 to $3 million.