London Daily

Focus on the big picture.
Saturday, Aug 23, 2025

US Seizes $6.1 Million In Relation To Russian Ransomware Operator

US Seizes $6.1 Million In Relation To Russian Ransomware Operator

U.S. Attorney General Merrick Garland, speaking at a news conference, said another alleged ransomware attacker, Ukrainian Yaroslav Vasinskyi, has been arrested in Poland, and the United States has requested extradition.
The U.S. Justice Department charged a Ukraine national and a Russian in one of the worst ransomware attacks against American targets, court filings showed on Monday.

The latest U.S. actions follow a slew of measures taken to combat a surge in ransomware that has struck several big companies, including an attack on the largest fuel pipeline in the United States that crippled fuel delivery for several days.

An indictment accused Ukrainian Yaroslav Vasinskyi, who was arrested in Poland last month, of breaking into Florida software provider Kaseya over the July 4 weekend.

From there, he and accomplices simultaneously distributed REvil ransomware to as many as 1,500 Kaseya customers, encrypting their data and forcing some to shut down for days, it said.

Vasinskyi is charged with breaking into the victim companies and installing encryption software, developed by the core REvil group. REvil directly handled the ransom negotiations and split the profits with affiliates like Vasinskyi. This model allowed the notorious ransomware gang to extort numerous companies for cryptocurrency.

Kimberly Goody, director of financial crime analysis at security company Mandiant, said targeting affiliates could be more effective than going after the core gangs, because their skills are more prized than encryption software, which is ubiquitous. Some affiliates also work with multiple gangs.

The arrest was part of a major ongoing sweep against key ransomware figures coordinated by the FBI, Europol and national police organizations throughout Europe, with help from private security companies.

REvil, also involved in an attack against top global meatpacker JBS SA, was penetrated by the joint operation, Reuters reported previously, and authorities recovered $6 million in ransom payments.

REvil announced it was shutting down last month, as did a rival gang involved in the hack of Colonial Pipeline.

Vasinskyi and another alleged REvil operative, Russian national Yevgeniy Polyanin, were charged in U.S. District Court for the Northern District of Texas with conspiracy to commit fraud and conspiracy to commit money laundering, among other offenses.

The Treasury Department said the two face sanctions for their role in ransomware incidents in the United States, as well as a virtual currency exchange called Chatex "for facilitating financial transactions for ransomware actors."

Latvian and Estonian government agencies were vital to the investigation, the Treasury said.

"International partnerships can disrupt bad actors," former U.S. civilian cyber defense Chris Krebs said on Twitter.

Deputy Attorney General Lisa Monaco credited Kaseya for its help in the investigation. "We are here today because in their darkest hour, Kaseya made the right choice and they decided to work with the FBI... in doing so, we were able to identify and help many victims of this attack."

The Treasury said more than $200 million in ransom payments were paid in Bitcoin and Monero.

Vasinskyi, 22, was being held in Poland pending U.S. extradition proceedings, while Polyanin, 28, remains at large. Russia's tolerance of major gangs targeting U.S. critical industry has been a flashpoint in relations with the Biden administration.

President Joe Biden said on Monday that his administration has taken "important steps to harden" critical U.S. infrastructure against cyberattacks. "When I met with President Putin in June, I made clear that the United States would take action to hold cybercriminals accountable. That's what we have done today", he said in a statement released by the White House.

Although discussions continue, security experts and most U.S. officials said they had not seen an overall decrease in ransomware attacks. Encryption software used for such attacks is freely available.

Reuters could not reach legal representatives for the two men accused on Monday, and no attorneys for them were listed in court filings.

The indictment said the Ukrainian hacker and other conspirators started deploying hacking software around April 2019 and regularly updated and refined it. It said he also laundered money obtained through the extortion scheme.

Europol said earlier on Monday that Romanian authorities on Nov. 4 arrested two other individuals suspected of attacks deploying the REvil ransomware. Officials in South Korea previously arrested three more people associated with REvil and two related strains of ransomeware, Europol added.

Twelve suspects believed to have mounted ransomware attacks against companies or infrastructure in 71 countries were "targeted" in raids in Ukraine and Switzerland, Europol said on Friday.
Newsletter

Related Articles

0:00
0:00
Close
Bunkers, Billions and Apocalypse: The Secret Compounds of Zuckerberg and the Tech Giants
Ukraine Declares De Facto War on Hungary and Slovakia with Terror Drone Strikes on Their Gas Lifeline
Animated K-pop Musical ‘KPop Demon Hunters’ Becomes Netflix’s Most-Watched Original Animated Film
New York Appeals Court Voids Nearly $500 Million Civil Fraud Penalty Against Trump While Upholding Fraud Liability
Elon Musk tweeted, “Europe is dying”
Far-Right Activist Convicted of Incitement Changes Gender and Demands: "Send Me to a Women’s Prison" | The Storm in Germany
Hungary Criticizes Ukraine: "Violating Our Sovereignty"
Will this be the first country to return to negative interest rates?
Child-free hotels spark controversy
North Korea is where this 95-year-old wants to die. South Korea won’t let him go. Is this our ally or a human rights enemy?
Hong Kong Launches Regulatory Regime and Trials for HKD-Backed Stablecoins
China rehearses September 3 Victory Day parade as imagery points to ‘loyal wingman’ FH-97 family presence
Trump Called Viktor Orbán: "Why Are You Using the Veto"
Horror in the Skies: Plane Engine Exploded, Passengers Sent Farewell Messages
MSNBC Rebrands as MS NOW Amid Comcast’s Cable Spin-Off
AI in Policing: Draft One Helps Speed Up Reports but Raises Legal and Ethical Concerns
Shame in Norway: Crown Princess’s Son Accused of Four Rapes
Apple Begins Simultaneous iPhone 17 Production in India and China
A Robot to Give Birth: The Chinese Announcement That Shakes the World
Finnish MP Dies by Suicide in Parliament Building
Outrage in the Tennis World After Jannik Sinner’s Withdrawal Storm
William and Kate Are Moving House – and the New Neighbors Were Evicted
Class Action Lawsuit Against Volkswagen: Steering Wheel Switches Cause Accidents
Taylor Swift on the Way to the Super Bowl? All the Clues Stirring Up Fans
Dogfights in the Skies: Airbus on Track to Overtake Boeing and Claim Aviation Supremacy
Tim Cook Promises an AI Revolution at Apple: "One of the Most Significant Technologies of Our Generation"
Apple Expands Social Media Presence in China With RedNote Account Ahead of iPhone 17 Launch
Are AI Data Centres the Infrastructure of the Future or the Next Crisis?
Cambridge Dictionary Adds 'Skibidi,' 'Delulu,' and 'Tradwife' Amid Surge of Online Slang
Bill Barr Testifies No Evidence Implicated Trump in Epstein Case; DOJ Set to Release Records
Zelenskyy Returns to White House Flanked by European Allies as Trump Pressures Land-Swap Deal with Putin
The CEO Who Replaced 80% of Employees for the AI Revolution: "I Would Do It Again"
Emails Worth Billions: How Airlines Generate Huge Profits
Character.ai Bets on Future of AI Companionship
China Ramps Up Tax Crackdown on Overseas Investments
Japanese Office Furniture Maker Expands into Bomb Shelter Market
Intel Shares Surge on Possible U.S. Government Investment
Hurricane Erin Threatens U.S. East Coast with Dangerous Surf
EU Blocks Trade Statement Over Digital Rule Dispute
EU Sends Record Aid as Spain Battles Wildfires
JPMorgan Plans New Canary Wharf Tower
Zelenskyy and his allies say they will press Trump on security guarantees
Beijing is moving into gold and other assets, diversifying away from the dollar
Escalating Clashes in Serbia as Anti-Government Protests Spread Nationwide
The Drought in Britain and the Strange Request from the Government to Delete Old Emails
Category 5 Hurricane in the Caribbean: 'Catastrophic Storm' with Winds of 255 km/h
"No, Thanks": The Mathematical Genius Who Turned Down 1.5 Billion Dollars from Zuckerberg
The surprising hero, the ugly incident, and the criticism despite victory: "Liverpool’s defense exposed in full"
Digital Humans Move Beyond Sci-Fi: From Virtual DJs to AI Customer Agents
YouTube will start using AI to guess your age. If it’s wrong, you’ll have to prove it
×