Yaroslav Vasinsky, accused of links with the Sodinokibi extortion group (REvil), was extradited and brought to trial in Dallas, Texas (USA).
Vasinsky, 22, is responsible for the ransomware attack on software vendor Kaseya in June 2021, which eventually affected hundreds of customers.
According to the indictment, from the beginning of March 2019 to August 2021, Vasinsky and his accomplices gained access to the computer networks of almost a dozen organizations and companies in Texas and other places, and then installed extortionate software and demanded a ransom. In several cases, after hacking computers, hackers also penetrated customer networks, significantly increasing the number of victims.
As reported in court documents, Vasinsky acted as a partner of the extortion group REvil. The young man acted under the pseudonyms Yarik45, Yaroslav2468 and Rabotnik. In early July 2019, a cybercriminal using the pseudonym Unknown posted an ad about finding partners to distribute the Sodinokibi ransomware. The partner was initially entitled to 60% of the share of the buyout, and then 70% after three payments. In mid-December of the same year, Vasinsky sent Unknown a message on an underground forum and offered cooperation.
Vasinsky was arrested in the Polish-Ukrainian border town of Dorohuska on October 8 last year.
According to the US Department of Justice, the young man earned about $2.3 million in ransoms. He was charged with conspiracy to commit fraud and related activities, damaging protected computers and conspiracy to launder money. He faces a total of 115 years in prison if found guilty on all counts.