Hacker sentenced to 20 years over ransomware attacks

Former Netwalker ransomware affiliate will spend two decades in an American prison and have to forfeit millions of dollars stolen during cyberattacks.

The US has sentenced a 35-year-old Canadian man Sebastian Vachon-Desjardins for his role in the NetWalker ransomware attacks. Not only will Vachon-Desjardins have to spend two decades behind bars, but he was also ordered to forfeit $21,5M.

Interestingly, Vachon-Desjardins was working for the Canadian government as an IT employee while carrying out ransomware attacks on the side.

Launched in late 2019, the NetWalker ransomware gang pioneered the double extortion method, threatening victims to leak stolen data if the ransom demands were not met. Even though the group attacked hundreds of organizations all over the world, the majority of victims were in the US.

According to the US Department of Justice (DoJ), NetWalker affiliates paid extra attention to the healthcare sector during the COVID-19 pandemic, using the global crisis to extort victims. Hospitals often opt to pay threat actors to avoid potentially lethal downtime. Authorities estimate that NetWalker extorted victims out of $60M over its run, with the highest ransom paid at $3M.

The gang was busted in January 2021, when authorities arrested Vachon-Desjardins and later shut down NetWalker’s dark web system. The Canadian IT employee was identified as the gang’s leading affiliate, with over 150 versions of NetWalker ransomware customized for each victim.

“The defendant in this case used sophisticated technological means to exploit hundreds of victims in numerous countries at the height of an international health crisis,” US Attorney Roger B. Handberg was quoted in the DoJ statement.

Vachon-Desjardins was extradited to the US from Canada, where he was arrested and sentenced to seven years in prison. Upon arrest, authorities discovered and seized over $740k in Canadian currency and 719 Bitcoin, valued at over $21.8M at the time of seizure and $14,4 as of today.

More from Cybernews:

Indian retailer leaks 200k customer data entries

APT groups likely maintained long-term access to Defense Industrial Base organization

Illegal gambling among bitcoin spending habits – survey

Malicious Tor installers distributed via YouTube

Attackers claim they hacked chip maker ADATA

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked