Basketball player arrested for alleged ransomware ties freed in Russia-France prisoner swap

A Russian basketball player accused of being involved in a ransomware gang was freed in a prisoner exchange between Russia and France. 

Daniil Kasatkin, 26, was seen in a video shared by Russian state news outlet TASS emerging from a plane that was then used to send French researcher Laurent Vinatier back to France. Vinatier was sentenced to three years in prison after Russian officials accused him of violating “foreign agent” laws.

Kasatkin was detained in June at Paris’s Charles de Gaulle Airport shortly after arriving in the country with his fiancée. He was held in French extradition custody after U.S. prosecutors issued a warrant for his arrest based on accusations that he served as a negotiator for an unnamed ransomware gang that attacked about 900 organizations between 2020 and 2022. 

He was charged with conspiracy to commit computer fraud. While the ransomware gang was never named, the Justice Department previously said the now-defunct Conti ransomware group attacked more than 900 victims worldwide. 

The U.S. State Department did not respond to requests for comment about whether they were notified that France would be trading Kasatkin for Vinatier. News outlet AFP reported that French officials did inform the U.S. government that it was sending Kasatkin back to Russia in exchange for Vinatier. 

Kasatkin previously studied and played basketball in the U.S. at Penn State University in the 2018-2019 season before spending four years playing professionally with Moscow’s MBA-MBAI.

His lawyer told French news outlets that Kasatkin was not involved in ransomware attacks and claimed the accusations related to a second-hand computer he purchased. 

A Russian Telegram channel focused on sports news claimed U.S. authorities had been tracking Kasatkin since early 2025, and the arrest warrant was issued just one day before his arrival in France. 

U.S. officials have had recent success in extraditing hackers accused of assisting Russian ransomware gangs and hacktivist groups. Another alleged Conti member was extradited from Ireland in October and Ukraine sent a prominent hacker to the U.S. last month.