Yaroslav Vasinskyi, a Ukrainian national and prominent member of the REvil ransomware gang, has been sentenced to 13 years and seven months in prison. Known by his alias “Rabotnik,” Vasinskyi was involved in over 2,500 REvil (Sodinokibi) ransomware attacks, demanding more than $700 million in ransom payments. His cybercriminal activities included double extortion tactics, where stolen corporate data was used to pressure victims into paying the ransom by threatening to publicly disclose the information. Vasinskyi’s arrest in October 2021 while attempting to enter Poland led to charges including conspiracy to commit fraud, intentional damage to a protected computer, and conspiracy to commit money laundering.
The U.S. Department of Justice highlighted Vasinskyi’s significant role in the infamous Kaseya supply-chain ransomware attack, which affected over 1,500 companies worldwide. The attackers exploited a zero-day vulnerability in Kaseya’s VSA software, used by managed service providers, to deploy encryptors across numerous networks simultaneously. This incident marked one of the largest ransomware attacks in history. Vasinskyi was extradited to the United States in March 2022 to face trial, where he pleaded guilty to an 11-count indictment related to his criminal activities.
Despite facing a maximum potential sentence of 115 years, Vasinskyi received a significantly shorter term. He was also ordered to pay $16 million in restitution. The Department of Justice’s announcement additionally mentioned the seizure of 39.89138522 Bitcoin and $6.1 million in connection with ransom payments linked to Vasinskyi. The REvil ransomware operation, which peaked in 2021, was responsible for several high-profile attacks, including a $50 million ransom demand from Acer and the leak of Apple device blueprints. The operation was eventually dismantled in late 2021 following law enforcement efforts and several arrests in Russia.