JAKARTA - The United States (US) Department of Justice (DOJ) has finally indicted two suspects accused of conspiring with the notorious REvil ransomware group.

One of the two suspects, 22-year-old Yaroslav Vasinskyi from Ukraine, is suspected of carrying out several ransomware attacks, including an attack in July against software company Kaseya.

Hundreds of entities, ranging from schools and shops to railroads, were directly affected by this attack, because Kaseya sits in the software supply chain.

According to the indictment, Vasinskyi used Kaseya products to distribute ransomware. A total of 1,500 businesses and organizations worldwide were affected. REvil, a ransomware group linked to Vasinskyi, initially asked for $70 million in exchange for unlocking victims' systems.

Three weeks after the attack occurred, Kaseya distributed decryption keys, which allowed its customers to regain access to their computers. Vasinskyi was arrested in Poland last month and is being held there pending extradition to the US. Meanwhile, Polyanin is still at large and is thought to be abroad.

The DOJ has also seized $6.1 million in alleged ransom payments received by 28-year-old Russian Yevgeniy Polyanin, who was also charged with carrying out REvil ransomware attacks against multiple victims, including businesses and government entities, in Texas in August 2019.

Vasinskyi and Polyanin will be charged separately with conspiracy, committing fraud and related activities in connection with computers, tampering with protected computers, and conspiracy to commit money laundering. If both are found guilty on all charges, they face maximum sentences of 115 and 145 years in prison, respectively.

"Our message today is clear. The United States, together with our allies, will do everything in our power to identify the perpetrators of the ransomware attack, to bring them to justice, and to recover the funds they have stolen from their victims," said Attorney General Merrick Garland.

Government officials in the US and abroad have stepped up their efforts to combat ransomware and cybercriminals, following several high-profile attacks.

According to a CNET report on Tuesday, November 9, cybercriminals linked to REvil were responsible for the May cyberattack on the Colonial Pipeline, which caused gas shortages in the US.

The attackers used encryption software called DarkSide, developed by a REvil partner. REvil was responsible for the attack that crippled international meatpacking company JBS in May.

Earlier, European law enforcement officials also announced the arrests in Romania of two people accused of using the REvil ransomware to commit cybercrimes.

