{"id":2514,"date":"2022-03-11T23:35:14","date_gmt":"2022-03-12T06:35:14","guid":{"rendered":"https:\/\/wpsites.ucalgary.ca\/isec-601-f21\/?p=2514"},"modified":"2022-03-11T23:36:17","modified_gmt":"2022-03-12T06:36:17","slug":"ukrainian-hacker-yaroslav-vasinskyi-extradited-to-the-united-states","status":"publish","type":"post","link":"https:\/\/wpsites.ucalgary.ca\/isec-601-f21\/2022\/03\/11\/ukrainian-hacker-yaroslav-vasinskyi-extradited-to-the-united-states\/","title":{"rendered":"Ukrainian Hacker Yaroslav Vasinskyi Extradited to the United States"},"content":{"rendered":"\n<figure class=\"wp-block-image size-large is-resized\"><img decoding=\"async\" data-src=\"https:\/\/techstartups.com\/wp-content\/uploads\/2022\/03\/hacker.jpg\" alt=\"\" width=\"844\" height=\"475\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" style=\"--smush-placeholder-width: 844px; --smush-placeholder-aspect-ratio: 844\/475;\" \/><figcaption>Yaroslav Vasinskyi is facing charges in the US for using REvil malware in attacks against American companies, including an attack against US software company Kaseya. <\/figcaption><\/figure>\n\n\n\n<p class=\"has-text-align-left\">On March 3, 2022 Ukrainian hacker and REvil member Yaroslav Vasinskyi was extradited to the United States, and will be facing trial in Texas for his role in ransomware attacks against American companies. A statement by the U. S. Department of Justice (DOJ) reads: \u201cVasinskyi is charged with conspiracy to commit fraud and related activity in connection with computers, damage to protected computers, and conspiracy to commit money laundering.\u201d  If he is found guilty, he could face up to 115 years in prison. 
<\/p>\n\n\n\n<p class=\"has-text-align-left\">According to the indictment released last July by the DOJ, Vasinskyi has been part of REvil since at least 2019 and has launched around 2,500 attacks.&nbsp;Among them is the July 2021 ransomware attack on the American software firm Kaseya. <\/p>\n\n\n\n<h4 class=\"wp-block-heading\">The Kaseya ransomware attack <\/h4>\n\n\n\n<p>Kaseya is a Florida-based company that primarily helps small to medium businesses (SMBs) across the world manage networks, systems, and information technology infrastructure. <\/p>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img decoding=\"async\" data-src=\"https:\/\/th.bing.com\/th\/id\/R.992b23eaade38811f30bf8ff691640f7?rik=bY3BW5ywAbzBTw&amp;riu=http%3a%2f%2fwww.squidworks.net%2fwp-content%2fuploads%2f2011%2f03%2flogoKaseya-e1301179502788.gif&amp;ehk=qTyG9jWH8t7I3Der8%2bMByOPup4Irys6TUQkqlKm83dw%3d&amp;risl=&amp;pid=ImgRaw&amp;r=0\" alt=\"\" width=\"582\" height=\"163\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" style=\"--smush-placeholder-width: 582px; --smush-placeholder-aspect-ratio: 582\/163;\" \/><figcaption>Logo for the US software company Kaseya, which was hacked in July 2021. <\/figcaption><\/figure>\n\n\n\n<p>Kaseya\u2019s services are managed remotely by Kaseya Virtual Storage Appliance (VSA), which allows customers to use virtual machines for storage instead of buying hardware. On July 2, 2021, unusual behavior on the endpoints of clients&#8217; networks was reported to Kaseya: hackers had found a way to bypass the authentication of the VSA and distribute REvil ransomware through the hosts managed by the software. Within a few hours Kaseya shut down its VSA cloud servers and issued a statement to its clients; however, the damage had already been done. 
The effects of this attack were felt internationally; up to 1,500 companies across the world were affected. REvil took credit for the attack and demanded $70 million for a decryption key that would unlock all infected systems. Kaseya refused to pay the ransom, and in a statement made on July 22, 2021, the company declared that it had obtained a decryptor key from an anonymous third party, which was later revealed to have been the FBI. <\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Effects of the attack<\/h4>\n\n\n\n<p>The effects were felt by thousands of companies internationally. Virginia Tech University was affected, as were many schools and kindergartens in New Zealand. In Sweden, the superstore chain Coop was unable to use its cash registers and had to shut down its more than 800 locations for a few days. <\/p>\n\n\n\n<h4 class=\"wp-block-heading\">The US Government&#8217;s response<\/h4>\n\n\n\n<p>In August 2021, the US Department of Justice released an indictment against Vasinskyi, connecting him, as well as Russian hacker Yevgeniy Polyanin, with the Kaseya attack. In the fall of 2021 Vasinskyi was arrested in Poland and held there until his extradition to the US. While Vasinskyi is not a US citizen, the US government has made it clear that it will prosecute cybercriminals regardless of nationality. Attorney General Merrick Garland declared in a public statement: &#8220;The Justice Department will spare no resource in identifying and bringing to justice transnational cybercriminals who target the American people&#8221;. <\/p>\n\n\n\n<p>Hopefully this trial will help dissuade international hackers from engaging in ransomware, as it is sad when a small group of malicious actors is able to cause such a disruption to thousands of innocent people across the world. 
Companies and individuals certainly do have a responsibility to ensure that they always use best security practices; however, governments also have a responsibility to bring to justice hackers who break into systems and cause harm to companies and individuals across the world.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">References <\/h3>\n\n\n\n<p><a href=\"https:\/\/www.msn.com\/en-za\/news\/world\/alleged-ukrainian-hacker-in-us-court-after-extradition-from-poland\/ar-AAUR8aP?ocid=BingNewsSearch\">Alleged Ukrainian hacker in US court after extradition from Poland (msn.com)<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.hackread.com\/ukraine-revil-ransomware-gang-member-extradite-us\/\">Alleged Ukrainian Member of REvil Ransomware Gang Extradited to US (hackread.com)<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.itnews.com.au\/news\/kaseya-ransomware-attackers-trial-begins-577163\">Kaseya ransomware attacker&#8217;s trial begins &#8211; Security &#8211; iTnews<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.justice.gov\/opa\/pr\/sodinokibirevil-ransomware-defendant-extradited-united-states-and-arraigned-texas\">Sodinokibi\/REvil Ransomware Defendant Extradited to United States and Arraigned in Texas | OPA | Department of Justice<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/helpdesk.kaseya.com\/hc\/en-gb\/articles\/4403440684689\">Important Notice August 4th, 2021 \u2013 Kaseya<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/web.archive.org\/web\/20211003205303\/https:\/\/www.zdnet.com\/article\/kaseya-denies-paying-ransom-for-decryptor-refuses-comment-on-nda\/\">Kaseya denies paying ransom for decryptor, refuses comment on NDA | ZDNet (archive.org)<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.reuters.com\/technology\/hackers-demand-70-million-liberate-data-held-by-companies-hit-mass-cyberattack-2021-07-05\/\">Up to 1,500 businesses affected by ransomware attack, U.S. 
firm&#8217;s CEO says | Reuters<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/en.wikipedia.org\/wiki\/Kaseya_VSA_ransomware_attack#cite_note-ZDNet-ransom-10\">Kaseya VSA ransomware attack &#8211; Wikipedia<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cyberscoop.com\/revil-kaseya-texas-court-yaroslav-vasinskyi\/\">REvil member accused of Kaseya ransomware attack arraigned in Texas (cyberscoop.com)<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.pragmastrategy.com\/news\/lessons-learnt-from-the-kaseya-ransomware-attack\/\">Lessons Learnt from the Kaseya Ransomware Attack &#8211; Pragma &#8211; Securing Your Digital Future (pragmastrategy.com)<\/a><\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>On March 3, 2022 Ukrainian hacker and REvil member Yaroslav Vasinskyi was extradited to the United States, and will be facing trial in Texas for his role in ransomware attacks against American companies. A statement by the U. S. Department of Justice (DOJ) reads: \u201cVasinskyi is charged with conspiracy to commit fraud and related activity &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/wpsites.ucalgary.ca\/isec-601-f21\/2022\/03\/11\/ukrainian-hacker-yaroslav-vasinskyi-extradited-to-the-united-states\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Ukrainian Hacker Yaroslav Vasinskyi Extradited to the United States&#8221;<\/span><\/a><\/p>\n","protected":false},"author":381,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ngg_post_thumbnail":0,"footnotes":""},"categories":[15],"tags":[],"class_list":["post-2514","post","type-post","status-publish","format-standard","hentry","category-cpsc-329-602-w22","entry"],"featured_image_src":null,"featured_image_src_square":null,"author_info":{"display_name":"Sebastian 
Reinberg-Abernethy","author_link":"https:\/\/wpsites.ucalgary.ca\/isec-601-f21\/author\/sebastian-reinberg-abernethy\/"},"_links":{"self":[{"href":"https:\/\/wpsites.ucalgary.ca\/isec-601-f21\/wp-json\/wp\/v2\/posts\/2514","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wpsites.ucalgary.ca\/isec-601-f21\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wpsites.ucalgary.ca\/isec-601-f21\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wpsites.ucalgary.ca\/isec-601-f21\/wp-json\/wp\/v2\/users\/381"}],"replies":[{"embeddable":true,"href":"https:\/\/wpsites.ucalgary.ca\/isec-601-f21\/wp-json\/wp\/v2\/comments?post=2514"}],"version-history":[{"count":37,"href":"https:\/\/wpsites.ucalgary.ca\/isec-601-f21\/wp-json\/wp\/v2\/posts\/2514\/revisions"}],"predecessor-version":[{"id":2551,"href":"https:\/\/wpsites.ucalgary.ca\/isec-601-f21\/wp-json\/wp\/v2\/posts\/2514\/revisions\/2551"}],"wp:attachment":[{"href":"https:\/\/wpsites.ucalgary.ca\/isec-601-f21\/wp-json\/wp\/v2\/media?parent=2514"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wpsites.ucalgary.ca\/isec-601-f21\/wp-json\/wp\/v2\/categories?post=2514"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wpsites.ucalgary.ca\/isec-601-f21\/wp-json\/wp\/v2\/tags?post=2514"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}