US charges Ukrainian, Russian nationals over cyberattack

The US also seized $6 million in ransom payments

The U.S. Justice Department has charged a suspect from Ukraine and a Russian national over a July ransomware attack on an American company, according to indictments made in court filings on Monday, and has seized $6 million in ransom payments.

The latest U.S. actions follow a slew of measures taken to combat ransomware that earlier this year hit big companies, including Colonial Pipeline, the largest fuel pipeline in the United States, and crippled fuel delivery for several days in the U.S. Southeast.

Yaroslav Vasinskyi, a Ukrainian national arrested in Poland last month, will face U.S. charges for deploying ransomware known as REvil, which has been used in hacks that have cost U.S. firms millions of dollars, the court filing showed.

REvil gained notoriety as the Russian group behind the ransomware attack against meatpacker JBS SA.

Vasinskyi conducted a ransomware attack over the July 4 weekend on Florida-based software firm Kaseya that infected up to 1,500 businesses around the world, according to the charges filed in the U.S. District Court for the Northern District of Texas.

Vasinskyi and another alleged REvil operative, Russian national Yevgeniy Polyanin, were charged by the United States with conspiracy to commit fraud and conspiracy to commit money laundering, among other charges.

The Treasury Department also said the two operatives face sanctions for their role in ransomware incidents in the United States, as well as a virtual currency exchange called Chatex "for facilitating financial transactions for ransomware actors."

Vasinskyi's alleged July 2021 hacking of Kaseya was one of the most widespread ransomware attacks and involved a widely used software tool made by the IT company. Many Kaseya customers were infected at once with REvil encryption. Some paid ransoms, though a master decryption key was eventually recovered by authorities and distributed weeks later.

Deputy Attorney General Lisa Monaco credited Kaseya for its help in the investigation. "We are here today because in their darkest hour, Kaseya made the right choice and they decided to work with the FBI... in doing so, we were able to identify and help many victims of this attack."

The Treasury said more than $200 million in ransom payments were paid in Bitcoin and Monero. It added that Latvian and Estonian government agencies were vital to the investigation.

Vasinskyi, 22, was being held in Poland pending U.S. extradition proceedings, while Polyanin, 28, remained at large.

Reuters could not reach any legal representatives for the two, and no lawyers were listed on the indictments.

Up to 1,500 businesses around the world have been affected by ransomware attacks centered on Kaseya. Such companies typically handle back-office work for companies too small or modestly resourced to have their own tech departments.

The U.S. indictment of the Ukrainian hacker said he and other conspirators started deploying hacking software around April 2019 and "regularly" updated and refined it. The indictment also accused the hacker of laundering money obtained through a hacking extortion scheme.

Europol said earlier on Monday that Romanian authorities on Nov. 4 arrested two individuals suspected of cyber-attacks deploying the REvil ransomware. Since February, law enforcement authorities have arrested three other affiliates of REvil, Europol added.

Twelve suspects believed to have mounted ransomware attacks against companies or infrastructure in 71 countries were "targeted" in raids in Ukraine and Switzerland, Europol said on Friday.