A Ukrainian man appeared before a US court on Wednesday to face charges over his role in ransomware attacks, including last year’s hack of IT software company Kaseya.
Yaroslav Vasinskyi, 22, was extradited to the United States from Poland on March 3, the Justice Department said, and made an initial appearance in a court in the Northern District of Texas.
Vasinskyi was arrested in Poland in October as part of a global operation against ransomware attacks.
The arrests were linked to the Russian-based hacker group REvil, also known as Sodinokibi, and the ransomware group GandCrab.
“The Justice Department will spare no resource in identifying and bringing to justice transnational cybercriminals who target the American people,” Attorney General Merrick Garland said in a statement.
According to his August 2021 indictment, Vasinskyi accessed the computer networks of several companies and deployed Sodinokibi/REvil ransomware to encrypt their data.
Among the companies targeted was Kaseya, which provides IT services to some 40,000 businesses globally.
Ransomware is an increasingly lucrative form of digital hostage-taking in which hackers encrypt victims’ data and then demand money for restored access.
Companies targeted by Sodinokibi/REvil were told to pay a ransom in virtual currency or their data would be posted publicly.
Vasinskyi is charged with conspiracy to commit fraud and conspiracy to commit money laundering. He could face up to 115 years in prison.
Yevgyeniy Polyanin, a Russian, has also been charged with conducting REvil/Sodinokibi ransomware attacks against businesses and government entities in Texas in August 2019.
Polyanin, who has been indicted in Texas for conspiracy to commit fraud, is believed to be in Russia, possibly in Barnaul, according to the FBI.