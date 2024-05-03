On October 8, 2021, Ukrainian Yaroslav Vasinsky was arrested on the border of Poland and Ukraine, accused of hacking into business software provider Kaseya in Florida. In March 2022, Vasynsky was extradited to Dallas, Texas.

After an investigation and trial, Vasinsky was found guilty on 11 counts, including conspiracy to commit fraud and related computer-related acts, damage to protected computers, and conspiracy to commit money laundering. He committed these crimes as a member of the REvil group, which carried out ransomware attacks and is linked to Russia.

In fact, Yaroslav Vasinsky (aka «Rabotnik») participated in more than 2500 Sodinokibi/REvil ransomware attacks that caused more than $700 million in losses to targeted organizations and individuals. Such ransomware encrypts victims’ systems and demands payments in exchange for a decryption key.

Vasinsky and his co-conspirators also used double extortion tactics. In addition to encrypting data in exchange for ransom, they also stole information from the systems they encrypted, allowing them to further blackmail victims by threatening to publish their sensitive information online.

One of REvil’s most famous crimes was committed against Kaseya’s cloud-based VSA system management platform, which is used for remote IT monitoring and management. This 2021 attack affected more than 1500 companies, from pharmacies to gas stations. REvil hackers also demanded a ransom from Apple.

In 2023, the U.S. Department of Justice achieved the final confiscation of a ransom worth millions of dollars. It included 39,89138522 bitcoins worth approximately $2.3 million and $6.1 million that were traced back to ransomware payments to Vasinsky and another REvil gang member, Yevgeny Polyanin.

