REvil Ransomware Affiliate Sentenced to 13+ Years for Global Extortion Campaign
6 May 2024
1 MIN read
Yaroslav Vasinskyi, a Ukrainian national and affiliate of the notorious REvil ransomware-as-a-service (RaaS) group, has been sentenced to more than 13 years in prison after pleading guilty to an 11-count indictment. Vasinskyi, also known by the alias “Rabotnik,” faced charges that included conspiracy to commit fraud, conspiracy to commit money laundering, and causing damage to protected computers.
Court documents reveal that Vasinskyi orchestrated thousands of ransomware attacks using the Sodinokibi/REvil ransomware variants. These attacks targeted computers worldwide, encrypting victims’ data and demanding exorbitant ransom payments in exchange for decryption keys.
Principal Deputy Assistant Attorney General Nicole M. Argentieri, who heads the Justice Department’s Criminal Division, stated, “Yaroslav Vasinskyi and his co-conspirators hacked into thousands of computers around the world and encrypted them with ransomware. Then they demanded over $700 million in ransom payments and threatened to publicly disclose victims’ data if they refused to pay.”
In addition to his prison sentence, Vasinskyi has been ordered to pay approximately $16 million in restitution for his involvement in more than 2,500 ransomware attacks. This sum represents only a small portion of the staggering $700 million in ransom payments that the group demanded from its victims.
The sentencing of Vasinskyi serves as a significant victory for international law enforcement efforts in combating the global threat of ransomware. The REvil group has been responsible for some of the most devastating and far-reaching ransomware campaigns in recent years, causing immense financial damage and disruption to businesses and organizations worldwide.
The successful prosecution of Vasinskyi underscores the importance of continued collaboration between law enforcement agencies across the globe in identifying, apprehending, and bringing to justice those involved in ransomware operations. It also sends a clear message to cybercriminals that their actions will not go unpunished, and that the international community remains committed to fighting the ever-evolving threat of ransomware.