A Sodinokibi/REvil ransomware operation affiliate has been sentenced to 13 years and seven months in prison for multiple ransomware attacks against numerous organizations across the world, including the infamous July 2021 supply chain attack on Texas-based IT company Kasea. This attack caused widespread disruption and financial losses for multiple businesses, governments, and other entities.

Yaroslav Vasinskyi, aka ‘Rabotnik,’ was charged in November 2021 along with another REvil affiliate, Yevgeniy Polyanin, a Russian national. Vasinskyi and Polyanin gained access to the internal corporate networks of several enterprises and deployed Sodinokibi/REvil ransomware to encrypt the data on the victim computers. The authorities also seized $6.1 million from Polyanin obtained through ransomware attacks.

Vasinskyi, who was arrested in Poland and extradited to the United States, pleaded guilty to charges related to fraud and related activity in connection with computers, damage to protected computers, and money laundering.

In addition to his prison sentence, Vasinskyi has also been ordered to pay over $16 million in restitution for his role in orchestrating more than 2,500 ransomware attacks, demanding over $700 million in ransom payments.

ImmuniWeb can help prevent data breaches and meet regulatory requirements.
Request your free demo now and talk to our experts.

Notorious Finnish hacker receives a 6-year prison sentence for Vastaamo breach

Julius “Zeekill” Kivimäki, a notorious cybercriminal and former member of the infamous Lizard Squad crew, has been sentenced to six years and three months in prison for hacking the Helsinki-based psychotherapy center Vastaamo's patient database.

The Vastaamo breach first came to light in October 2020, when a hacker operating under the alias “Ransom Man” demanded a ransom of 450,000 euros in bitcoin in exchange for not leaking patients' private information. When the medical facility refused to comply, individual patients were targeted with demands for smaller ransoms, ranging from 200 euros within 24 hours to 500 euros if not paid within 48 hours.

Kivimäki's involvement in the breach dates back to autumn 2018, when he gained unauthorized access to Vastaamo's database, comprising the personal information of approximately 33,000 individuals. Following his arrest in France in February 2023 and subsequent extradition to Finland, Kivimäki faced multiple charges, including aggravated data breach, invasion of privacy, attempted extortion, and blackmail.

Throughout the trial, the prosecution argued for the maximum penalty of seven years behind bars. However, the court, while acknowledging the gravity of Kivimäki's crimes, also took into consideration his willingness to enter into conditional settlements on compensation claims with numerous plaintiffs.

Second DraftKings hacker pleads guilty

Kamerin Stokes, aka “TheMFNPlug,” has pleaded guilty to a charge of conspiracy to commit computer intrusion. The plea comes in connection with a sophisticated scheme orchestrated by Stokes and several others to hack user accounts on the popular betting platform DraftKings, stealing hundreds of thousands of dollars in the process.

According to court documents, in November 2022, a group of hackers carried out a credential stuffing attack against the DraftKings website, which resulted in the compromise of 60,000 user accounts.

Once inside the breached accounts, the attackers used various techniques to steal funds, including adding a new payment method to the hacked accounts, depositing a nominal amount to verify it, and then swiftly withdrawing all funds to a separate attacker-controlled account. Furthermore, the hackers sold access to the compromised accounts on underground forums.

Stokes entered a guilty plea to the charge of conspiracy to commit computer intrusion, which carries a maximum sentence of five years in prison. The hacker is scheduled to be sentenced on August 15, 2024.

Operation Pandora dismantles 12 scam call centers, Spain arrests over 100 WhatsApp fraudsters

An international law enforcement operation codenamed “Operation Pandora” has resulted in the shutdown of 12 call centers across multiple countries specializing in various types of fraud, ranging from online banking fraud and prepaid card fraud to debt collection and romance scams. As part of the operation, 21 suspects were arrested and evidence seized, including data carriers, documents, cash and assets amounting to 1 million euros.

Separately, the Spanish police announced the arrest of more than 100 people throughout Spain allegedly involved in a large-scale scam scheme, through which they stole thousands of euros from WhatsApp users by pretending to be relatives in distress.

Also, the US authorities have charged sixteen individuals in connection with a sophisticated scam scheme that has robbed hundreds of elderly Americans of millions of dollars. The fraudsters operated through a network of call centers based in the Dominican Republic that utilized advanced technology to spoof their location, making it appear as if the calls originated within the United States.

Additionally, four US citizens have been convicted for their involvement in a large-scale scam that used stolen personal identifying information (PII) to defraud banks of more than $4.8 million.

Former cybersecurity consultant arrested in a $1.5M extortion scheme

Vincent Cannady, a former cybersecurity consultant, has been arrested in connection with an extortion scheme targeting an unnamed IT company. Cannady is alleged to have threatened to publicly disclose the company’s sensitive data unless a settlement of up to $1.5 million was paid. Cannady, 57, was apprehended in El Dorado Springs, Missouri.

According to the complaint, Cannady had been assigned by his employer to work with the victim company, where his responsibilities included assessing and addressing potential vulnerabilities in the firm’s information systems. During his tenure, Cannady had access to sensitive and proprietary information belonging to the victim company.

After his engagement was terminated, Cannady illicitly downloaded the company’s sensitive data and uploaded it to a personal cloud storage account. He then demanded a $1.5 million settlement from the company, citing unspecified discrimination and emotional distress claims. His demand included a threat to release the documents he stole, which he claimed would damage the company’s reputation and investor confidence.

Charged with Hobbs Act extortion, Cannady faces a maximum sentence of 20 years in prison.

United States of America Finland Spain

What’s next:

Join our upcoming webinars
Follow ImmuniWeb on Twitter, LinkedIn and Telegram
Explore 20 use cases how ImmuniWeb can help
Browse open positions to join our great Team
See the benefits of our partner program
Request a demo, quote or special price
Subscribe to our newsletter

Cyber Law and Cybercrime Investigation Weekly Blog by Key Dutch

Key Dutch has been working in information technology and cybersecurity for over 20 years, starting his first job with Windows 95 and dial-up modems. As the Editor-in-Chief of our Cybercrime Prosecution Weekly blog series, he compiles the most interesting news about police operations against cybercrime, as well as about regulatory actions enforcing data protection and privacy law.

Recent Blog Posts:

Four Iranian Hackers Charged With Cyberattacks On American Firms

An Ex-Amazon Security Engineer Gets 3 Years In Jail For Hacking And Crypto Theft

Hacker Fakes His Own Death To Avoid Child Support Payments