A Russian-Canadian national was sentenced to nearly four years in prison in Canada for his role in the LockBit ransomware operation.
The man, Mikhail Vasiliev, 34, was arrested in October 2022 in his home in Bradford, Ontario.
In February 2024, he pleaded guilty to stealing victims' computer data and holding it hostage for extortion.
Vasiliev targeted at least three organizations in Canada, encrypting their data and seeking ransom payments from them.
In November 2022, the US Department of Justice announced separate charges against Vasiliev for his involvement in LockBit attacks.
He consented to being extradited to the US, where he faces up to five years in prison.
At the time, Europol described Vasiliev as one of the 'most prolific ransomware operators' due to his involvement in high-profile attacks.
According to CTV News, in addition to the prison sentence, the man has been ordered to pay $860,000 in restitution to his Canadian victims.
While Vasiliev awaits extradition to the US, his family allegedly plans to move back to Russia.
Active since at least 2020, LockBit has functioned under the ransomware-as-a-service business model, in which affiliates perpetrate intrusions and deploy the file-encrypting ransomware provided by the RaaS operators, in exchange for a percentage of the ransom payment.
LockBit was one of the most prolific RaaS operations until February 2024, when its infrastructure was seized by law enforcement.
The LockBit operators are believed to have received over $100 million in ransom payments.
Shortly after the takedown, the US announced it was offering a reward of up to $10 million for information leading to the arrest of LockBit leaders.
Roughly a week after the takedown, LockBit reemerged with new leak sites.
Security experts believe that the RaaS is unlikely to recover.
To date, authorities have arrested at least six individuals suspected of involvement in LockBit operations, Vasiliev included.
Ruslan Magomedovich Astamirov, a Russian national, was arrested and charged last year in the US. Two other suspects were arrested in Ukraine in October 2021, while two others were arrested last month during the LockBit infrastructure takedown.
This Cyber News was published on www.securityweek.com. Publication date: Wed, 13 Mar 2024 17:13:07 +0000