US gives NetWalker ransomware operator $14M bill and 20 years behind bars


The US Department of Justice on Friday handed down a 20-year prison sentence to a Romanian national charged with helping to carry out hundreds of NetWalker ransomware attacks.

DoJ officials say 30-year-old Daniel Christian Hulea admitted to participating in attacks targeting hundreds of victims all over the world using the sophisticated ransomware.

According to court documents, Hulea and another co-conspirator had “specifically targeted the healthcare sector during the COVID-19 pandemic, taking advantage of the global crisis to extort their victims.”

ADVERTISEMENT

Authorities have estimated that NetWalker extorted victims out of $60M until its demise in January 2021, with its highest ransom paid at $3M.

As part of the sentence, Hulea was ordered to pay $14,991,580.01 in restitution and forfeit $21,500,000 earned from ransom payments – about 1,595 Bitcoin at the time.

In addition to the $21.5 million, Hulea will also be forced to hand over his interests in a business venture funded in Indonesia with the ransom proceeds – a luxury resort property in Bali still under construction, and a limited liability company associated with the project.

Besides hospitals, emergency services, and other healthcare organizations, NetWalker ransomware victims included municipalities, law enforcement, school districts, colleges, and universities, the DoJ said.

Hulea, who hails from Jucu de Mijloc, Cluj, Romania, was arrested in his home country by law enforcement at the request of US authorities back in July 2023.

He was then extradited to the US, where he pled guilty to charges of computer fraud and wire fraud conspiracy charges in Florida Middle District court on June 20th.

ADVERTISEMENT
Ernestas Naprys Niamh Ancell BW jurgita Paulius Grinkevicius
Don’t miss our latest stories on Google News

In October 2022, the DoJ sentenced the alleged leader of the NetWalker gang – a 35-year-old Canadian man and presumably Hulea’s co-conspirator – for his part in the ransomware campaign.

Working for the Canadian government as an IT employee at the time of his involvement, Sebastian Vachon-Desjardins, was also sentenced to 20 years in federal prison and ordered to forfeit $21.5 million.

The group was said to have used double extorsion methods and is known to have used over 150 versions of NetWalker ransomware, customizing the variant for each victim.