LockBit administrator sentenced to almost four years in prison after guilty plea

Avatar

An administrator for the LockBit ransomware gang has been sentenced to four years in prison after pleading guilty to eight charges in a Canadian court last month.

Mikhail Vasiliev, a 34-year-old Canadian-Russian dual national, has been in legal peril since he was first arrested in October 2022 at his home in Bradford, Ontario, as part of an international operation involving European, U.S. and Canadian authorities. He has faced charges from both the U.S. Department of Justice and Canadian authorities since his arrest. 

On Tuesday, Justice Michelle Fuerst handed down an almost four-year sentence to Vasiliev, calling him a “cyber terrorist” who was “motivated by his own greed,” during a hearing in Orillia, Canada. Vasiliev’s lawyer, Louis Strezos, told CTV News that the hacker “took responsibility for his actions” and only became involved in cybercrime during the COVID-19 pandemic.

Vasiliev pled guilty to eight charges involving cyber extortion, weapons possession and more. The charges related to ransomware attacks launched against three Canadian companies in 2021 and 2022. In addition to the prison sentence, he has also been ordered to pay $860,000 in restitution to his victims. 

CTV News also reported that Vasiliev has also consented to being extradited to the U.S. — where he is facing several charges unsealed in a New Jersey court in 2022 for his role in LockBit.

The U.S. charges include  conspiracy to intentionally damage protected computers and to transmit ransom demands. He faces a maximum sentence of five years in prison if convicted. 

He is one of only two LockBit suspects known, by name, to be in law enforcement custody.  Ruslan Astamirov is awaiting trial in the U.S. on charges filed last June related to deploying LockBit against victims in Florida, Kenya, France and Japan.

He was released on bail last year but rearrested in December after violating the conditions of his parole. 

Last month, an international law enforcement operation brought down the ransomware gang’s infrastructure and identified hundreds of affiliates involved in the group. The U.S. Justice Department also unsealed indictments of Russian nationals Artur Sungatov and Ivan Kondratiev — an infamous hacker also known as Bassterlord.

Two arrests in Ukraine and Poland were announced as part of the rollout of the takedown, but police did not reveal the identities of those detained.

LockBit was the most prolific ransomware operation in the world before its takedown, launching thousands of attacks against governments, businesses and organizations in dozens of countries. 

The gang offered its ransomware as a service, providing its platform to customers for a fee since 2019. Researchers at Recorded Future attributed nearly 2,300 attacks to this threat actor. The group received more than $120 million in ransom payments since it began operating

The gang has tried to give the illusion that it is still operating, posting data stolen from organizations before the law enforcement takedown

CybercrimeNews
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

Russian independent media outlet Meduza faces ‘most intense cyber campaign’ ever

Next Post

Russian-Swedish national behind $400 million crypto mixer convicted of money laundering

Related Posts

New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools

A newly devised technique leverages a Windows accessibility framework called UI Automation (UIA) to perform a wide range of malicious activities without tipping off endpoint detection and response (EDR) solutions. "To exploit this technique, a user must be convinced to run a program that uses UI Automation," Akamai security researcher Tomer Peled said in a report shared with The Hacker News. "
Avatar
Read More

Vulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion Annually

Organizations are losing between $94 - $186 billion annually to vulnerable or insecure APIs (Application Programming Interfaces) and automated abuse by bots. That’s according to The Economic Impact of API and Bot Attacks report from Imperva, a Thales company. The report highlights that these security threats account for up to 11.8% of global cyber events and losses, emphasizing the escalating
Avatar
Read More

Protecting Tomorrow’s World: Shaping the Cyber-Physical Future

The lines between digital and physical realms increasingly blur. While this opens countless opportunities for businesses, it also brings numerous challenges. In our recent webinar, Shaping the Cyber-Physical Future: Trends, Challenges, and Opportunities for 2025, we explored the different factors shaping the cyber-physical future. In an insightful conversation with industry experts, we discussed
Avatar
Read More