The Department of Justice today announced the latest action against two foreigners accused of attacking US businesses and government agencies.

The indictment alleges that Yaroslav Vassinsky, a 22-year-old Ukrainian national, was involved in a series of redemptive attacks on several victims, including the July 2021 attack on several national information technology software companies.

Yevgeniy Polyanin, a 28-year-old Russian man charged with assaulting a commercial enterprise and government agency in Texas, has been fined $ 6.1 million, according to the department. August 16, 2019 or around.

According to the indictment, Vassinsky and Polyanin were able to access the computer networks of several victims and deploy Sodinokibi / RevalRamware to encrypt the victim’s computers.

“Cybercrime is a serious threat to our country’s security, our economy and our national security,” said Attorney General Garland. “Our message today is clear. The United States, along with our partners, will do everything in its power to identify, prosecute, and recover money from its victims.

“Our message to Red Crescent criminals is clear. If you target the victims here, we will target you,” said the Deputy Attorney General of Monaco. “The Sodinokibi / Revival Randomware team attacks companies and critical infrastructure around the world, and today’s ads show how we fight back. For another success of the Ransomware and Digital Extortion Task Force recently launched by the department, criminals now know that we will take your profits, your ability to travel and – ultimately – your freedom. The department, along with our partners at home and abroad, will continue to dismantle the cybercriminal ecosystem and threaten us all.

“The arrest of Yaroslav Vassinsky, the prosecution of Yevigeni Polini and the seizure of $ 6.1 million worth of property, and the arrest of two other Sodinokib / Rivil actors in Romania are the culmination of close cooperation with the international community, the US government and our private sector.” Partners, ”said FBI Director Christopher Ray. “The FBI has been creative and relentless in cracking down on the criminals behind Sodinokibi / Revil. Ransomware groups like them pose a serious and unacceptable threat to our security and the security of our economy. We will continue to target their actors and coordinators, their infrastructure and their finances everywhere in the world.

“Ransomware can disrupt business within minutes. The two defendants have cracked down on the most dangerous Internet code written by Reality to hack into victims’ computers.” It penetrates the corners of the Internet and the ends of the earth.

According to court documents, Vassinsky was charged in connection with the July 2 attack on Casey. In the wake of the alleged attack on Vase, Vassinsky’s malicious codex was launched into Kaseya’s production, which led to the launch of the Caspian product REvil ransomware on Kaseya’s client networks. After the Kaseya endpoints remote access was established, Renmware was applied to those computers, which led to the encryption of data by companies using Caseya endpoints around the world.

Deployed by Sodinokibi / Revival Ransomware, the defendants left electronic notes on the victims’ computers in the form of text files. The notes link to an open source private network called Tor, as well as a public web address that victims can visit to access their files. When they visited both websites, victims were asked for a ransom and provided a virtual currency address to use to pay the ransom. If the victim paid the ransom, the defendants provided the decryption key and the victims were able to access their files. If the victim does not pay the ransom, the defendants will usually post the victim’s stolen information or claim to have sold the stolen information to third parties, and the victims will not be able to access their files.

Vassinsky and Polyanin have been charged with various offenses, including computer fraud, computer damage and money laundering. If convicted of all crimes, they would each face 115 to 145 years in prison.

The $ 6.1 million seized from Poliin was found to have been used in ransomware fraud and money laundering by SodiumCobil / Rev Ransomware. The warrant was issued from the Northern District of Texas. Pollin is believed to be abroad.

On October 8, Vassinsky was arrested in Poland, where he was detained by authorities in connection with a request to be extradited to the United States under a extradition agreement between the United States and the Republic of Poland. In parallel with the arrests, interviews and interviews were conducted in several countries, and the Ukrainian National Police and the Ukrainian Prosecutor’s Office did not respond immediately.

The FBI is conducting the investigation in Dallas and Jackson Field. Much assistance was provided by the Department of Justice’s Office of International Affairs and the Department of National Security’s Anti-Information and Export Control Unit.

Tiffany H. Eger, Assistant Attorney General of the Texas District of Texas and Senior Adviser to the Department of Computer Crime and Intellectual Property of the Department of Justice; Jones is suing.

The operation was carried out in close collaboration with the U.S. North District Attorney’s Office of Texas, the FBI’s Dallas and Jackson Field Offices, and the Criminal Division of the Computer Crime and Intellectual Property Division, a major component of the Coalition. Investigators and prosecutors from a number of positions, including the Romanian National Police and the Directorate of Investigating Organized Crime and Terrorism; Canadian Royal Canadian Police; French Court of Paris and BL2C (Anti-Cyber ​​Crime Unit Police); Dutch National Police; Polish National Prosecutor’s Office, Border Guard, Internal Security Agency and Ministry of Justice; And the governments of Norway and Australia have provided significant assistance.

U.S. Treasury Financial Crimes Network (Finnsen), Homeland Security Cyber ​​Security and Infrastructure Security (CIA), German Public Prosecutor’s Office Stuttgart and Baden Wuttumber State Bureau of Investigation; Swiss Public Prosecutor’s Office II Zurich Canton and Canton Police Zurich; United Kingdom National Crime Agency; U.S. Secret Service; Texas Department of Information Resources; BitDefender; McAfee; And Microsoft has helped a lot.

The case is part of the Justice Department’s Ransomware and Digital Extension Task Force, which was set up to combat the growing number of roaming and digital robbery attacks. As part of the Task Force, the Task Force, in cooperation with the U.S. Attorney’s Office, intercepted, investigated, and prosecuted the activities of Ransomware and Digital Robbery, identifying cybercriminals responsible, and holding those individuals accountable for their crimes. Through its task force, the department strategically targets the criminal ecosystem as a whole and works with local and foreign government agencies as well as private sector partners to prevent this significant criminal threat.

Read more about Ransomware and Digital Extortion Task Force Deputy Attorney General’s latest directive note On related investigations and issues. Visit additional sources for Ransomware Prevention and Response StopRansomware.gov.

Prosecution is the only charge, and all defendants are presumed innocent until proven guilty in court.