Ontario man arrested in US for alleged crimes linked to global ransomware

Tyler Griffin, The Canadian Press

MONTREAL — The United States Department of Justice says a Russian-Canadian man from Ontario is in custody and awaiting extradition to the United States for his alleged participation in a global ransomware campaign. , a type of cyberattack.

The department says Mikhail Vasiliev, 33, of Bradford, Ontario, is charged with conspiracy to intentionally damage protected computers and transmit ransom demands in connection with his alleged role in the global LockBit ransomware program.

In court documents, the department describes LockBit as a ransomware variant that first emerged around January 2020 and has since become one of the most active and destructive campaigns in the world having been deployed against at least 1,000 victims. in the United States and elsewhere.

According to the court document filed in the District of New Jersey, LockBit made at least $100 million in ransom demands and extracted tens of millions of dollars in actual ransom payments from victims. It states that the US Federal Police (FBI) started investigating LockBit around March 2020.

Ransomware is a type of malware used by cybercriminals to encrypt data stored on a victim’s computer to make it inaccessible or unusable, transmit that data to a remote computer, or both. After a ransomware attack, the perpetrators usually demand a ransom from the victim and threaten to publish the stolen data, sell it or prevent access if the money is not paid.

“In many instances, LockBit perpetrators have posted highly confidential and sensitive data stolen from LockBit victims on a publicly accessible website under their ownership and control,” FBI agent Matthew Haddad wrote in the criminal complaint. . In this way, LockBit has become one of the most active and destructive ransomware variants in the world.”

Mr. Vasiliev faces a maximum of five years in prison if convicted. He has been identified as an alleged member of the LockBit conspiracy. No contact information for Mr. Vasiliev’s legal representatives was immediately available Thursday.

The criminal complaint against Mr Vasiliev says Canadian police searched his Bradford home in August, where they discovered a file containing a list of alleged or previous victims of cybercrime.

Documents showed that the search also uncovered screenshots of messages discussing topics related to the LockBit campaign, a text file containing instructions for deploying a LockBit program against a computer, as well as user names and passwords for various platforms owned by employees of a Canadian LockBit victim.

The complaint reveals that Mr. Vasiliev’s home was again raided on October 26 and that upon entering, “Canadian law enforcement discovered Mr. Vasiliev sitting at a table in the garage with a laptop computer, which ‘he couldn’t lock before he was overpowered’.

Investigators found several open tabs on the laptop, including one pointing to a site named “LockBit LOGIN” with a LockBit logo and a login screen hosted on an invisible web domain, the document said.

Canadian law enforcement also allegedly found a Bitcoin-type cryptocurrency wallet address at Mr. Vasiliev’s home during the October search, which led them to discover that the wallet had received payment by Bitcoin to from funds derived from a ransom payment made six hours earlier by a confirmed LockBit victim.

Assistant U.S. Attorney General Lisa Monaco said the arrest was the result of more than two and a half years of investigation into LockBit and more than a decade of FBI agent experience, Justice Department prosecutors and international partners in dismantling cyber threats.

“Let this be yet another warning to ransomware actors: in collaboration with partners around the world, the Department of Justice will continue to disrupt cyber threats and hold perpetrators to account,” Ms. Monaco said in a published press release. Thursday.


This dispatch was produced with the financial assistance of the Meta Exchanges and The Canadian Press for the news.


Back to top button