DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Canadian police arrest suspected LockBit ransomware operator (updated)

Posted on November 10, 2022 by Dissent

Is the end of LockBit near? First an irate developer leaked the builder code for LockBit 3.0 code on GitHub in September. And now one of their big operators has been arrested in Canada.

Howard Solomon reports:

Canadian police have arrested a Russian citizen who they say is one of the world’s most prolific ransomware operators behind the LockBit ransomware gang. If true the arrest could be a big blow to the organization.

In a news release today, the European Multidisciplinary Platform Against Criminal Threats (EMPACT) said the man was arrested October 26th in an unnamed Ontario city, following an investigation led by the French National Gendarmerie (Gendarmerie Nationale), with the support of Europol, the RCMP, and the FBI.

Read more at ITWorld.

The arrest is reportedly a follow-up to an action carried out in Ukraine which led to the arrests of two of his accomplices.

DataBreaches reached out to LockBitSupp on via Tox, but no reply was immediately available.

Update:  Here is the press release from the DOJ:

Man Charged for Participation in LockBit Global Ransomware Campaign

A criminal complaint filed in the District of New Jersey was unsealed today charging a dual Russian and Canadian national for his alleged participation in the LockBit global ransomware campaign.

Mikhail Vasiliev, 33, of Bradford, Ontario, Canada, is in custody in Canada and is awaiting extradition to the United States.

“This arrest is the result of over two-and-a-half-years of investigation into the LockBit ransomware group, which has harmed victims in the United States and around the world,” said Deputy Attorney General Lisa O. Monaco. “It is also a result of more than a decade of experience that FBI agents, Justice Department prosecutors, and our international partners have built dismantling cyber threats. Let this be yet another warning to ransomware actors: working with partners around the world, the Department of Justice will continue to disrupt cyber threats and hold perpetrators to account. With our partners, we will use every available tool to disrupt, deter, and punish cyber criminals.”

“Yesterday’s successful arrest demonstrates our ability to maintain and apply relentless pressure against our adversaries,” said FBI Deputy Director Paul Abbate. “The FBI’s persistent investigative efforts, in close collaboration with our federal and international partners, illustrates our commitment to using all of our resources to ensure we protect the American public from these global cyber threat actors.”

According to court documents, LockBit is a ransomware variant that first appeared in or around January 2020. It has become one of the most active and destructive ransomware variants in the world. Since first appearing, LockBit has been deployed against at least as many as 1,000 victims in the United States and around the world. LockBit members have made at least $100 million in ransom demands and have extracted tens of millions of dollars in actual ransom payments from their victims. The FBI has been investigating the LockBit conspiracy since in or around March 2020.

According to court documents, Vasiliev allegedly participated in the LockBit campaign. He is charged with conspiracy to intentionally damage protected computers and to transmit ransom demands. If convicted, he faces a maximum of five years in prison. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division, U.S. Attorney Philip R. Sellinger for the District of New Jersey, Assistant Director Bryan Vorndran of the FBI’s Cyber Division, and Special Agent in Charge James Dennehy of the FBI Newark Field Office made the announcement.

Trial Attorneys Jessica C. Peck and Jorge Gonzalez of the Criminal Division’s Computer Crime and Intellectual Property Section and Assistant U.S. Attorneys Andrew M. Trombly and David E. Malagold of the Cybercrime Unit for the District of New Jersey are prosecuting the case, with assistance from the U.S. Attorney’s Office for the Northern District of Georgia and the U.S. Attorney’s Office for the Western District of Pennsylvania.

The case is being investigated by the FBI Newark Field Office, Newark Cyber Crimes Task Force, with assistance from the FBI Atlanta Field Office, the FBI Pittsburgh Field Office, the FBI Miami Field Office, the FBI’s Legal Attaché-Ottawa, the Jersey City Police Department, the New Jersey State Police, and the New Jersey Office of Homeland Security and Preparedness. The Justice Department’s Office of International Affairs has also provided valuable assistance.

A criminal complaint is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

Source: Department of Justice


The press release from the U.S. Attorney’s Office for the District of New Jersey can be found here.  The case may have been unsealed but it is not showing up in PACER as of the time of this update.

Related posts:

  • Dual Russian And Israeli National Extradited To The United States For His Role In The LockBit Ransomware Conspiracy
  • Two Foreign Nationals Plead Guilty to Participation in LockBit Ransomware Group
  • AlphaBay and Hansa taken down in coordinated operations by FBI and Dutch National Police
  • Russian National Charged with Ransomware Attacks Against Critical Infrastructure
Category: Commentaries and AnalysesMalwareNon-U.S.Of Note

Post navigation

← NY: Commack School District faces ransomware attack, superintendent says
Memorial for Vitali Kremez →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.