Pierluigi Paganini May 02, 2024

A Ukrainian national, a member of the REvil group, has been sentenced to more than 13 years in prison for his role in extortion activities.

The Ukrainian national, Yaroslav Vasinskyi (24), aka Rabotnik, has been sentenced to more than 13 years in prison and must pay $16 million in restitution for conducting numerous ransomware attacks and extorting victims.

The man is a member of the REvil ransomware gang and was sentenced for his role in carrying out more than 2,500 ransomware attacks and demanding over $700 million in ransom payments.

In November 2021, the US Department of Justice charged Vasinskyi, REvil ransomware affiliate, for orchestrating the ransomware attacks on Kaseya MSP platform that took place on July 4, 2021.

Vasinskyi (aka Profcomserv, Rabotnik, Rabotnik_New, Yarik45, Yaraslav2468, and Affiliate 22) was arrested on October 8, 2021, while he was trying to enter Poland. Vasinskyi was extradited to the U.S. in March 2022.

Vasinskyi is a REvil ransomware affiliate since at least March 1st, 2019.

“According to court documents, Yaroslav Vasinskyi, also known as Rabotnik, 24, conducted thousands of ransomware attacks using the ransomware variant known as Sodinokibi/REvil.” reads the press release published by DoJ. “Ransomware is malicious software designed to encrypt data on victim computers, allowing bad actors the ability to demand a ransom payment in exchange for the decryption key.” The co-conspirators demanded ransom payments in cryptocurrency and used cryptocurrency exchangers and mixing services to hide their ill-gotten gains. To drive their ransom demands higher, Sodinokibi/REvil co-conspirators also publicly exposed their victims’ data when victims would not pay ransom demands.”

Vasinskyi had previously pleaded guilty in the Northern District of Texas to an 11-count indictment. The charges included conspiracy to commit fraud and computer-related activity, damaging protected computers, and conspiracy to commit money laundering. In a related matter, in 2023, the Department concluded the forfeiture of millions of dollars’ worth of ransom payments through two connected civil forfeiture cases. This included seizing 39.89138522 Bitcoin and $6.1 million in U.S. dollars linked to purported ransom payments received by other members of the conspiracy.

“Deploying the REvil ransomware variant, the defendant reached out across the globe to demand hundreds of millions of dollars from U.S. victims,” said Deputy Attorney General Lisa Monaco. “But this case shows the Justice Department’s reach is also global—working with our international partners, we are bringing to justice those who target U.S. victims, and we are disrupting the broader cybercrime ecosystem.”

Pierluigi Paganini

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

(SecurityAffairs – hacking, ransomware)