And note to his crime pals – he said he would sing like a canary
An ex-Canadian government worker who extorted tens of millions of dollars from organizations worldwide using the NetWalker ransomware has been sent down for 20 years, the register reports
Sebastian Vachon-Desjardins, 35, of Gatineau, Quebec, was also ordered to pay back $21.5 million bagged from his cyberattacks against dozens of organizations globally, from corporations and municipalities to hospitals, law enforcement, emergency services, school districts, colleges, and universities.
“The defendant in this case used sophisticated technological means to exploit hundreds of victims in numerous countries at the height of an international health crisis,” said Roger Handberg, US Attorney for the Middle District of Florida, in a statement yesterday.
NetWalker ransomware affiliates – losers who rent the malware to use against victims – specifically attacked hospitals during the height of the COVID-19 pandemic, using the global crisis to extort healthcare organizations.
Now a federal district court judge in Florida has sentenced [PDF] Vachon-Desjardins to 240 months behind bars for conspiracy to commit computer and wire fraud, intentionally damaging a protected computer, and transmitting a demand in relation to damaging a protected computer.
A US judge will give a detailed order covering restitution at a later date.
Vachon-Desjardins pleaded guilty to all four counts in a US court in June, and his plea agreement described him as “one of the most prolific NetWalker Ransomware affiliates.”
At that time, while facing up to 40 years in the slammer, Vachon-Desjardins said he would “cooperate fully with the United States” as American prosecutors worked to bring others slinging the ransomware to justice. This included testifying against his former NetWalker affiliates.
If this cooperation qualified as “substantial assistance,” the Justice Department said he may get off with a lighter sentence. Since his jail sentence was two decades rather than the full four, we’re guessing he coughed up at least some info.
In March, Vachon-Desjardins was extradited to the US after being detained by Canadian authorities in January 2021. Canadian law enforcement, who searched Vachon-Desjardins’s home in Gatineau, discovered and seized C$742,840 ($546,386) and 719 Bitcoin, valued at about $21.85 million at the time of seizure and $14.46 million today.
Around the time of Vachon-Desjardins’ arrest, the US Justice Department, working with the Bulgarian National Investigation Service and the Bulgarian General Directorate Combating Organized Crime, announced a takedown of NetWalker’s infrastructure, including the seizure of about $454,530.19 in cryptocurrency from ransom payments, and the disablement of a dark-web site used to communicate with NetWalker ransomware victims.
Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for our Weekly Cybersecurity Newsletter Today.
Remember, CyberSecurity Starts With You!
- Globally, 30,000 websites are hacked daily.
- 64% of companies worldwide have experienced at least one form of a cyber attack.
- There were 20M breached records in March 2021.
- In 2020, ransomware cases grew by 150%.
- Email is responsible for around 94% of all malware.
- Every 39 seconds, there is a new attack somewhere on the web.
- An average of around 24,000 malicious mobile apps are blocked daily on the internet.