US charges two suspected major ransomware operators

Ransomware Arrests, © AP/Press Association Images

By Eric Tucker, Associated Press

Two suspected criminal hackers have been charged in the United States in connection with a wave of ransomware attacks.

Attorney General Merrick Garland and other top officials announced charges against Ukrainian Yaroslav Vasinskyi and Russian Yevgeniy Polyanin, alleging them to be part of the REvil ransomware gang.

Officials said Vasinskyi was recently arrested in Poland and that the US government had recovered 6.1 million US dollars in “ill-gotten funds” from Polyanin.

“The Justice Department is sparing no resource to identify and bring to justice anyone, anywhere who targets the United States with a ransomware attack,” Mr Garland said.

The Treasury Department also announced sanctions against the pair, as well as against a virtual currency exchange, Chatex, that the department said was used by ransomware gangs.

European law enforcement authorities also announced Monday that they had arrested two other suspected ransomware operators with links to REvil in Romania.


The arrests were part of a law enforcement investigation called GoldDust that involved the United States and 16 other countries.

REvil, also known as Sodinokibi, has been linked in recent months to ransomware targeting the world’s largest meat processor, JBS SA, as well as a Fourth of July weekend attack that snarled businesses around the world through a breach of a Florida-based software company called Kaseya.

The Justice Department has tried multiple ways to address a ransomware wave that it regards as a national security and economic threat.

Arrests of foreign hackers are significant for the Justice Department since many of them operate in the refuge of countries that do not extradite their own citizens to the US for prosecution.

The Justice Department in June seized 2.3 million dollars in cryptocurrency from a payment made by Colonial Pipeline following a ransomware attack that caused the company to temporarily halt operations, creating fuel shortages in parts of the country.
