Suspect in Kaseya Attack Extradited to US

The man, linked to the REvil gang, must stand trial in the United States.
Ukrainian Y. Vasinskyi, 22, was arrested in Poland last November. He is believed to be a member of the REvil ransomware gang that infiltrated and extorted corporate networks worldwide.
Vasinskyi is suspected of being behind the supply chain attack on Kaseya, REvil’s best-known and most far-reaching attack. Kaseya, a company that automates IT management, fell victim to ransomware in the middle of last year. Through Kaseya, however, the attackers were able to spread to more than a thousand other companies and lock their systems in exchange for a ransom.
That attack led to political pressure, including from US President Biden, to take stricter action against cybercrime. Vasinskyi is now suspected of having deployed the malicious Sodinokibi/REvil code within the Kaseya product, which also affected several of the company’s customers. According to US justice authorities, he has been working for REvil. The maximum penalty for the charges against him is 115 years in prison.
During the attack, REvil demanded $70 million for a universal key that would decrypt the systems of all affected companies. However, the FBI, the US federal police, is said to have already had the key in its hands after a raid on the gang’s infrastructure. REvil therefore largely disappeared from the radar after the attack. In addition to Vasinskyi, about sixteen other suspects worldwide are said to have been arrested, but the actual leaders of the gang are still at large.