Canadian Arrests Russian Man Involved in LockBit Ransomware Attacks

Law enforcement officials said that the last month, 33-year-old Russian Mikhail Vasiliev was arrested in Canada and the authorities believe he was involved in LockBit ransomware attacks that affected “critical infrastructure and large industrial enterprises around the world.”

Let me remind you that we also reported that India arrests Russian hacker who offered applicants help in passing the JEE-Main exam, and also that Trickbot ransomware wanted to open offices in St. Petersburg.

Apparently, Vasiliev was one of the “partners” of the group behind the creation of LockBit.

The operation and investigation that resulted in the arrest of the suspect involved the French National Gendarmerie, Europol, the FBI, and the Royal Canadian Mounted Police.

One of the most active ransomware operators in the world was arrested on October 26 in Ontario, Canada. The suspect, a 33-year-old Russian citizen, is suspected of using LockBit ransomware to carry out attacks on critical infrastructure and large industrial organizations around the world.Europol said.

During a search of the suspect’s home, law enforcement officials seized eight computers and 32 external hard drives, two firearms, and €400,000 worth of cryptocurrency.

Europol adds that this LockBit operator “was one of the high-priority targets, as it was involved in many high-profile ransomware attacks” and also “distinguished itself” by trying to extort ransoms from victims ranging from 5 to 70 million euros.

Although Europol describes Vasiliev as an “operator” of LockBit, he was most likely only a “partner” of the malware developers and not the head of operations. As security experts have already noted, a representative of the LockBit group, known under the nickname LockBitSupp, posted messages on hacker forums yesterday, as if any incident happened. And even the leak of the LockBit 3.0 builder has not yet stopped the activities of cybercriminals from this group.

The US Department of Justice also issued its own press release on the arrest. In the attached court documents, it is reported that Vasiliev has dual citizenship of Russia and Canada, and in August 2022, during a search of his house, Canadian law enforcement officers found screenshots from Tox, where the suspect communicated with LockBitSupp; instructions on how to deploy a Linux/ESXi ransomware; malware source code; as well as “computer screen photographs of usernames and passwords for various platforms owned by employees of a LockBit victim company in Canada that was subjected to a confirmed LockBit attack in January 2022.”

Vasiliev is currently awaiting extradition to the United States. He is charged with conspiracy to transfer ransom demands and wilfully damaging protected computers. If found guilty, he faces up to five years in prison.
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button