COVID-19 Ransomware Hacker Sentenced to 20 Years

Yesterday, the U.S. Justice Department (DOJ) announced the sentencing of a ransomware hacker to 20 years in federal prison.

The hacker is a Canadian national that wreaked havoc on countless institutions including hospitals during the height of the COVID-19 pandemic extorting $ millions from victims.

According to the DOJ press release, the Canadian national used a sophisticated form of ransomware called, “NetWalker.”

On September 28^th, New York Magazine published a 23-page book excerpt titled, “Inside the Ransomware Gangs That Extort Hospitals—They shut down patient care and put lives at risk. Would the pandemic finally slow them down? By Renee Dudley and Daniel Golden.”

The following is an excerpt from the book that gives more context to “NetWalker” and the recently sentenced hacker:

“In June 2020, NetWalker attacked a Maryland nursing-home chain and breached the private records of almost 48,000 seniors, which included Social Security numbers, birth dates, diagnoses, and treatments. When the company didn’t pay the ransom, the gang dumped a batch of data online.

“That same month, NetWalker stole data from and shut down several servers for the epidemiology-and-biostatistics department at the University of California, San Francisco, demanding a $3 million ransom.

“ “We’ve poured almost all funds into COVID-19 research to help cure this disease,” the university’s negotiator pleaded. “That on top of all the cuts due to classes being canceled has put a serious strain on the whole school.”

“NetWalker’s representative was skeptical: “You need to understand, for you as a big university, our price is shit. You can collect that money in a couple of hours. You need to take us seriously. If we’ll release on our blog student records/data, I’m 100% sure you will lose more than our price.”

“NetWalker scorned counteroffers of $390,000 and $780,000: “Keep that $780k to buy Mc Donalds for all employers. Is very small amount for us … Is like, I worked for nothing.” After six days of haggling, they compromised on $1.14 million and UCSF received the decryption tool.

“The Ransomware Hunting Team was unable to crack NetWalker. “It’s one of the most sophisticated ransomwares now. Very secure,” Gillespie, the team member from Bloomington, said.

“But in a rare moment of success for that time, the FBI disrupted NetWalker’s operations and took down its most profitable affiliate. Although the group’s developers were based in Russia, the alleged affiliate, Sebastien Vachon-Desjardins, was a Canadian citizen living in Quebec. An IT technician for the Canadian government’s purchasing agency and a convicted drug trafficker, Vachon-Desjardins apparently hooked up with NetWalker by answering an ad that a gang member named Bugatti had posted on a cybercriminal forum in March 2020. The ad explained how to become a NetWalker affiliate and asked applicants about their areas of expertise and experience working with other ransomware strains.

“ “We are interested in people who work for quality,” Bugatti wrote. “We give preference to those who know how to work with large networks.”

“Sebastien Vachon-Desjardins and his co-conspirators committed dozens of ransomware attacks in 2020, raking in at least $27.7 million, according to court documents in the U.S. and Canada. Vachon-Desjardins kept 75 percent of the profits with the rest going to NetWalker.

“During a conversation in November 2020 with Bugatti, Vachon-Desjardins referred to an attack on a public utility as his “latest big hit.” “I hit them hard bro,” he wrote. “Very locked.” He added that he would visit Russia soon, but the trip didn’t materialize. In December, Vachon-Desjardins was indicted on computer-fraud charges in federal court in Florida, where one of his first victims, a telecommunications company, was headquartered. When Canadian authorities, which were also investigating him, searched his cryptocurrency wallets in January 2021, they found $40 million in bitcoin — the largest cryptocurrency seizure in Canadian history. He was arrested and extradited to the U.S.”

According to New York Magazine, the above excerpt was adapted from: The Ransomware Hunting Team: A Band of Misfits’ Improbable Crusade to Save the World From Cybercrime, by Renee Dudley and Daniel Golden. To be published by Farrar, Straus and Giroux on October 25.

Disclaimer: IPProbe.Global is a service to the professional IP community. While every effort has been made to check information in this blog, we provide no guarantees or warranties, express or implied, regarding the content provided in IPProbe.Global. We disclaim all liability and responsibility for the qualification or accuracy of representations made by the contributors or for any disputes that may arise. It is the responsibility of the readers to independently investigate and verify the credentials of such persons and the accuracy and validity of the information provided by them. This blog is for general information only and not intended to provide legal or other professional