Feds Charge Canadian for Using Netwalker Ransomware to Extort $14M-news

with CLIPREVIEWED learn the articleFeds Charge Canadian for Using Netwalker Ransomware to Extort $14M

(Credit: US Justice Department)

Federal investigators have charged a Canadian national for using the Netwalker ransomware strain to extort millions from victims.

On Wednesday, the US Justice Department announced the arrest as it also seized a site that the Netwalker ransomware used to communicate with its targets.

Over the past year, Netwalker has become one of the more notorious ransomware strains in the US, shutting down computers at schools, hospitals, city governments, and companies. The malicious code works by encrypting fleets of Windows machines, and then demanding the owners pay up in Bitcoin or risk losing all their data. In Netwalker’s case, the ransomware can also threaten to leak the victim’s compromised data to the public. 

The suspect, Sebastien Vachon-Desjardin, is currently in custody in Canada, according to the DOJ, which refrained from revealing his exact involvement. However, a Bitcoin tracking firm called Chainalysis said it worked with investigators to track down Vachon-Desjardin, and says he was among the cybercriminals who rented access to the ransomware strain. 

“Many strains, including NetWalker, function on the Ransomware as a Service (RaaS) model, in which attackers known as affiliates ‘rent’ usage of a particular ransomware strain from its creators or administrators, who in exchange get a cut of the money from each successful attack,” the company explains. 

Credit: Chainalysis

Vachon-Desjardin was but one of a “fewer than 20 affiliates.” However, he was quite successful in his ransomware schemes, raking in $14 million worth of Bitcoin at the time he received the funds, which is now worth over $27.6 million, according to Chainalysis. 

“According to government partners, Vachon-Desjardins was involved in at least 91 attacks using NetWalker ransomware since April 2020, deploying the malware as an affiliate and receiving 80% of the ransom,” the company said. “In addition to NetWalker, we suspect Vachon-Desjardins was involved in the deployment of other RaaS strains like Sodinokibi, Suncrypt, and Ragnarlocker.” 

In total, Chainalysis estimates Netwalker successfully extorted over $46 million from at least 305 victims, 203 of which are located in the US. The average ransom demand has also grown to $65,000 per victim, up from $18,800 in 2019. 

Chainalysis graphic

Credit: Chainalysis

So far, the US’s newly announced crackdown on Netwalker has only managed to seize $454,530 in virtual currency, which consisted of ransomware payments from three victims. Nevertheless, federal officials hope the arrest of Vachon-Desjardin sends a message to both cybercriminals and victims of ransomware attacks, who often give into the payment demands. 

“Ransomware victims should know that coming forward to law enforcement as soon as possible after an attack can lead to significant results like those achieved in today’s multi-faceted operation,” US Acting Assistant Attorney General Nicholas McQuaid said in a statement. The FBI has a website where you can submit internet crime complaints.

keyword: Feds Charge Canadian for Using Netwalker Ransomware to Extort $14MFeds Charge Canadian for Using Netwalker Ransomware to Extort $14MFeds Charge Canadian for Using Netwalker Ransomware to Extort $14M

Leave a Reply

Your email address will not be published. Required fields are marked *