A Canadian man has been sentenced to 20 years in prison for his part in the notorious NetWalker ransomware attacks, the US Department of Justice (DoJ) announced.
Canadian law enforcement arrested 35-year-old Sebastian Vachon-Desjardins, in January 2021 and executed a search warrant at his home. The Quebec resident was extradited to the United States following a request submitted by US authorities.
The press release stated that,
“During the search, officers discovered and seized $742,840 in Canadian currency and 719 Bitcoin, valued at approximately $21,849,087 at the time of seizure and $14,463,993 as of today.”
Vachon-Desjardins was ordered to forfeit $21.5 million.
The defendant worked with a criminal gang and participated in a sophisticated form of ransomware that targeted “dozens of victims all over the world,” said the DoJ, citing court documents.
US Attorney Roger B. Handberg was quoted as saying that the defendant targeted “hundreds of victims in numerous countries at the height of an international health crisis.”
According to CBC, Vachon-Desjardins is a former IT specialist for Public Services and Procurement Canada. He pleaded guilty to four charges, including computer fraud and transmitting a demand in relation to damaging a protected computer in the US.
He is also described as one of the Russian-speaking criminal group’s “most prolific affiliates.”
Per this source, Netwalker targeted some 400 victims in more than 30 countries, and collected $40 million in ransom payments.
Chainalysis found more than $46 million worth of funds in NetWalker ransoms since it first appeared in August 2019. “It picked up steam in mid-2020, growing the average ransom to $65,000 last year, up from $18,800 in 2019,” the blockchain analysis company stated back in January 2021.
Who are the victims?
The DoJ announcement stated that companies, municipalities, hospitals, colleges, universities, and even law enforcement and emergency services were impacted.
“Attacks have specifically targeted the healthcare sector during the COVID-19 pandemic, taking advantage of the global crisis to extort victims”.
Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division stated that Vachon-Desjardins identified and attacked high-value ransomware victims and then profited from “the chaos caused by encrypting and stealing the victims’ data.”
Per an UpGuard post, Netwalker is a Window’s specific ransomware that encrypts and exfiltrates all of the data it gets.
“After a successful attack, victims are presented with a ransom note demanding a bitcoin payment in exchange for a full decryption of the compromised data.”
It added that,
“Criminal affiliates receive an extravagant percentage of each ransom payment, and with an unlimited earning potential, they’re motivated to rapidly spread the ransomware far and wide.”
The FBI Tampa Field Office investigated the case, and Special Agent in Charge David Walker was quoted in the DoJ announcement as saying that “this sentencing serves as a reminder to the American public that the FBI is committed to combatting cyber threats.”