DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Sodinokibi/REvil Affiliate Yaroslav Vasinskyi Sentenced for Role in $700M Ransomware Scheme

Posted on May 2, 2024 by Dissent

May 1 – A Ukrainian national was sentenced today to 13 years and seven months in prison and ordered to pay over $16 million in restitution for his role in conducting over 2,500 ransomware attacks and demanding over $700 million in ransom payments.

“As this sentencing shows, the Justice Department is working with our international partners and using all tools at our disposal to identify cybercriminals, capture their illicit profits, and hold them accountable for their crimes,” said Attorney General Merrick B. Garland.

“Deploying the REvil ransomware variant, the defendant reached out across the globe to demand hundreds of millions of dollars from U.S. victims,” said Deputy Attorney General Lisa Monaco. “But this case shows the Justice Department’s reach is also global—working with our international partners, we are bringing to justice those who target U.S. victims, and we are disrupting the broader cybercrime ecosystem.”

“Today, the FBI’s close collaboration with our worldwide partners has again ensured that a cybercriminal who thought he was beyond our reach faces the consequences of his actions,” said FBI Director Christopher Wray. “We will continue to relentlessly pursue cyber criminals like Vasinksyi wherever they may hide, while we disrupt their criminal schemes, seize their money and infrastructure, and target their enablers and criminal associates to the fullest extent of the law.”

According to court documents, Yaroslav Vasinskyi, also known as Rabotnik, 24, conducted thousands of ransomware attacks using the ransomware variant known as Sodinokibi/REvil.  Ransomware is malicious software designed to encrypt data on victim computers, allowing bad actors the ability to demand a ransom payment in exchange for the decryption key. The co-conspirators demanded ransom payments in cryptocurrency and used cryptocurrency exchangers and mixing services to hide their ill-gotten gains. To drive their ransom demands higher, Sodinokibi/REvil co-conspirators also publicly exposed their victims’ data when victims would not pay ransom demands.

“Yaroslav Vasinskyi and his co-conspirators hacked into thousands of computers around the world and encrypted them with ransomware,” said Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Justice Department’s Criminal Division. “Then they demanded over $700 million in ransom payments and threatened to publicly disclose victims’ data if they refused to pay. Although the conspirators attempted to cover their tracks by laundering the payments from victims, Vasinskyi could not hide from law enforcement. Vasinskyi’s sentence today should serve as a reminder to ransomware actors everywhere: we will track you down and bring you to justice.”

“Using ransomware, malicious actors from around the globe can paralyze U.S. companies in a matter of minutes,” said U.S. Attorney Leigha Simonton for the Northern District of Texas. “But as cybercriminals work together to deploy these attacks, law enforcement throughout the United States stands ready to dismantle their criminal enterprises. The dedicated prosecutors from the Northern District of Texas and the skilled agents at the FBI Dallas Field Office proved once again today to ransomware actors everywhere: When you hit targets in the United States, the Justice Department and its partners will come after you.”

Vasinskyi previously pleaded guilty in the Northern District of Texas to an 11-count indictment charging him with conspiracy to commit fraud and related activity in connection with computers, damage to protected computers, and conspiracy to commit money laundering. He was previously extradited to the United States from Poland.

Relatedly, in 2023, the Department obtained the final forfeiture of millions of dollars’ worth of ransom payments obtained through two related civil forfeiture cases, which included 39.89138522 Bitcoin and $6.1 million in U.S. dollar funds traceable to alleged ransom payments received by other members of the conspiracy.

The FBI investigated the case.

Senior Counsel Frank Lin of the Criminal Division’s Computer Crime and Intellectual Property Section and Assistant U.S. Attorney Tiffany H. Eggers for the Northern District of Texas prosecuted the case. Assistant U.S. Attorney Dimitri N. Rocha for the Northern District of Texas assisted with the related civil forfeiture cases.

The Justice Department’s Office of International Affairs worked with Polish authorities to secure the extradition of Vasinskyi.

Updated May 1, 2024

Source: U.S. Department of Justice

Related posts:

  • National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud
  • Kept in the Dark — Meet the Hired Guns Who Make Sure School Cyberattacks Stay Hidden
  • Russian National Charged with Ransomware Attacks Against Critical Infrastructure
  • Two Foreign Nationals Plead Guilty to Participation in LockBit Ransomware Group
Category: Malware

Post navigation

← Change Healthcare hackers broke in using stolen credentials — and no MFA, says UHG CEO
Russian Hackers Target Industrial Systems in North America, Europe →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Chinese hackers suspected in breach of powerful DC law firm
  • Qilin Emerged as The Most Active Group, Exploiting Unpatched Fortinet Vulnerabilities
  • CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch
  • McDonald’s McHire leak involving ‘123456’ admin password exposes 64 million applicant chat records
  • Qilin claims attack on Accu Reference Medical Laboratory. It wasn’t the lab’s first data breach.
  • Louis Vuitton hit by data breach in Türkiye, over 140,000 users exposed; UK customers also affected (1)
  • Infosys McCamish Systems Enters Consent Order with Vermont DFR Over Cyber Incident
  • Obligations under Canada’s data breach notification law
  • German court offers EUR 5000 compensation for data breaches caused by Meta
  • Air Force Employee Pleads Guilty to Conspiracy to Disclose Unlawfully Classified National Defense Information

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • DeleteMyInfo Wins 2025 Digital Privacy Excellence Award from Internet Safety Council
  • TikTok Loses First Appeal Against £12.7M ICO Fine, Faces Second Investigation by DPC
  • German court offers EUR 5000 compensation for data breaches caused by Meta
  • How to Build on Washington’s “My Health, My Data” Act
  • Department of Justice Subpoenas Doctors and Clinics Involved in Performing Transgender Medical Procedures on Children
  • Google Settles Privacy Class Action Over Period Tracking App
  • ICE Is Searching a Massive Insurance and Medical Bill Database to Find Deportation Targets

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.