Ex-Canadian government employee admits to being a member of the Russian cybercrime gang NetWalker

A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker.

A former Canadian government employee, Sebastien Vachon-Desjardins, pleaded guilty in the U.S. to charges related to his involvement with the Russian cybercrime group NetWalker.

In March, the man was extradited to the United States to face charges for dozens of ransomware attacks resulting in the payment of tens of millions of dollars in ransoms.

According to DoJ, US authorities charged him with conspiracy to commit computer fraud and wire fraud, intentional damage to a protected computer, and transmitting a demand in relation to damaging a protected computer arising from his alleged participation in the NetWalker gang. 

In January, a joint operation of U.S. and EU law enforcement authorities allowed the seizure of the leak sites used by NetWalker ransomware operators. Law enforcement authorities also charged the Canadian national for its role in the NetWalker ransomware operations.

The group has been active since 2019, the NetWalker ransomware has been offered with the Ransomware-as-a-Service (RaaS) model.

The list of victims of the group is long, it includes Pakistan’s largest private power company K-Electric, Argentina’s official immigration agency, Dirección Nacional de Migraciones, and the University of California San Francisco (UCSF), the latter paid a $1.14 million ransom to recover its files.

In August 2020, the FBI has issued a security alert about Netwalker ransomware attacks targeting U.S. and foreign government organizations.

NetWalker is also believed to have been responsible for compromising the network of the University of California San Francisco (UCSF), which paid over $1 million to recover from the incident. In July, the FBI warned of NetWalker attacks targeting government organizations.

The Department of Justice also charged against the Canadian national Sebastien Vachon-Desjardins in relation to NetWalker ransomware attacks, he is alleged to have obtained at least over $27.6 million as a result of the offenses charged in the indictment. The law enforcement also seized $454,530.19 in cryptocurrency obtained from ransom payments.

In February 2022, the Ontario Court of Justice sentenced the man to six years and eight months in prison prior to his extradition.

“Between May 2020 and January 2021, the Defendant victimized 17 Canadian entities and others throughout the world by breaching private computer networks and systems, hi-jacking their data, holding the stolen data for ransom, and distributing stolen data when ransoms were not paid. The Defendant excelled at what he did. Between 10-15 unknown individuals hired the Defendant to teach them his methods.” read the reasons for the sentence. “Some of these activities benefitted those interested in securing computer networks from these types of attacks. Some of the Defendant’s students were likely other cyber threat actors.”

The man could face 10 years in prison.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Ex-Canadian government employee admits to be a member of the Russian cybercrime gang NetWalkerNetWalker)

[adrotate banner=”5″]

[adrotate banner=”13″]