US strikes back against Kaseya attackers

The Justice Department on Monday announced that it had seized more than $6 million in ransomware victim payments as part of a sweeping effort to crack down on hackers involved in ransomware attacks against U.S. companies.

As part of this effort, the Justice Department indicted Ukrainian national Yaroslav Vasinskyi for his part in carrying out the ransomware attack on IT company Kaseya in July through the use of REvil ransomware. An indictment was also announced against Russian national Yevgeniy Polyanin, from whom $6.1 million in victim ransom payments was seized.

In custody: Vasinskyi, who was taken into custody in Poland in October and awaits extradition to the United States, faces charges including conspiracy to commit fraud and money laundering. Vasinskyi faces up to 115 years in prison if convicted of all counts.

Polyanin remains at large abroad but is charged with counts similar to those against Vasinskyi, and faces up to 145 years in prison if apprehended and convicted on all counts.

Attorney General Merrick Garland announced the seizure of funds and the indictments during a press conference on Monday along with FBI Director Christopher Wray and Deputy Attorney General Lisa Monaco. He emphasized that “this will not be the last time” that the U.S. reclaims ransomware victim payments.

But wait, there’s more: The Justice Department efforts are part of a wider set of actions undertaken by the Biden administration on Monday.

The Treasury Department also announced sanctions against virtual currency exchange Chatex along with four other entities — IZIBITS OU, Chatextech SIA, and Hightrade Finance Ltd — for their alleged involvement in facilitating ransomware attack payments.