Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million

A Ukrainian national has been sentenced to more than 13 years in prison and ordered to pay $16 million in restitution for carrying out thousands of ransomware attacks and extorting victims.

Yaroslav Vasinskyi (aka Rabotnik), 24, along with his co-conspirators in the REvil ransomware group, orchestrated more than 2,500 ransomware attacks and demanded ransom payments in cryptocurrency totaling more than $700 million.

“The co-conspirators demanded ransom payments in cryptocurrency and used cryptocurrency exchangers and mixing services to hide their ill-gotten gains,” the U.S. Department of Justice (DoJ) said.

Vasinskyi was extradited to the U.S. in March 2022 following his arrest in Poland in October 2021. REvil, prior to formally going offline in late 2021, was responsible for a series of high-profile attacks on JBS and Kaseya.

He previously pleaded guilty in the Northern District of Texas to an 11-count indictment charging him with conspiracy to commit fraud and related activity in connection with computers, damage to protected computers, and conspiracy to commit money laundering.

“Lefterov and his co-conspirators stole victims’ login credentials – i.e., usernames and passwords – from the infected computers and then used the credentials to gain access to victim accounts at financial institutions, payment processors, and retail establishments as a means to steal money from the victims,” the agency said.

Court documents show that the compromised computers could be accessed directly using a hidden virtual network computing (hVNC) server without the victims’ knowledge, thereby allowing Lefterov et al. to sign in to their online accounts.