LockBit ransomware suspect faces up to five years in prison


Russian-Canadian national Mikhail Vasiliev was arrested in Canada on Wednesday over his alleged participation in the LockBit ransomware campaign, which has claimed at least 1,000 victims in the United States.

Thirty-three-year-old Vasiliev is charged with “conspiracy to intentionally damage protected computers and to transmit ransom demands” and, if convicted, faces a maximum of five years in prison. Vasiliev is currently in Canadian custody awaiting extradition to the United States.

Evidence for the charges was collected during two separate police raids on the suspect’s home

The criminal complaint describes two separate police raids of his Ontario home — first in August 2022 and then again the following October. During the first search, Canadian law enforcement discovered screenshots of encrypted messages exchanged with a user named “LockBitSupp” (believed to be shorthand for “LockBitSupport”) and sensitive login data belonging to employees of a confirmed LockBit victim from January 2022.

During the second search, Vasiliev was restrained before he was able to lock his laptop, allowing for a more thorough search of his device. Investigators discovered a file named “TARGETLIST” (believed to be a list of prospective or historical cybercrime victims) as well as an open browser tab on a site named “LockBit LOGIN” hosted on the dark web LockBit Domain. 

Authorities also used Vasiliev’s Bitcoin holdings to connect him to the criminal scheme. A seed phrase for a Bitcoin wallet address was found during the October 2022 search, with blockchain analysis revealing the wallet received a payment of approximately 0.80574055 BTC on February 5th, 2022. Funds for this transaction were traced back to a ransom payment of 2.8759 BTC made by a confirmed LockBit victim six hours prior.

LockBit is believed to be responsible for around 44 percent of ransomware campaigns this year

LockBit ransomware is malicious self-spreading software that locks users out of computer systems, holding data “hostage” under threat of posting it to the dark web until a ransom payment is made. Since it was discovered in January 2020, LockBit has become one of the most active ransomware variants in the world and is believed to be responsible for around 44 percent of all ransomware campaigns so far this year, according to Deep Instinct’s 2022 Interim Cyber Threat Report.

LockBit members are believed to have made at least $100 million in ransom demands, with tens of millions of dollars in actual ransom payments extracted from their victims. Earlier this year, the small towns of St. Marys, Ontario, and Frederick, Colorado, were targeted by the group, with LockBit demanding a $200,000 ransom in exchange for not publishing data stolen from Frederick residents.

“This arrest is the result of over two-and-a-half-years of investigation into the LockBit ransomware group, which has harmed victims in the United States and around the world,” said Deputy Attorney General Lisa O. Monaco.



Read original article here

Denial of responsibility! TechCodex is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – [email protected]. The content will be deleted within 24 hours.

Leave a comment

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More